Skip to main content
CVE-2016-1985 CRITICAL PATCH Act Now

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Java Microsoft RCE Apache +1
NVD
CVSS 3.0
10.0
EPSS
2.4%
CVE-2015-7923 CRITICAL Act Now

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Weos
NVD
CVSS 3.0
9.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy