Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6196

Malware in sbrugna...

7.2CVSS7AI score0.01836EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-11871

Malicious code in bioql PyPI...

9.8CVSS8.7AI score0.01777EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/13 1:57 a.m.18 views

Security Bulletin: A vulnerability in Apache Active MQ NMS affects IBM Robotic Process Automation and could result in arbitrary code exections (CVE-2025-29953).

Summary A vulnerability in Apache Active MQ NMS affects IBM Robotic Process Automation and could result in arbitrary code exections CVE-2025-29953. Apache Active MQ is used by IBM Robotic Process automation for integration with Apache Active MQ. This security bulletin identifies the fixes require...

9.8CVSS10AI score0.01777EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 4:19 p.m.9 views

CVE-2020-14030

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET serialized format on the filesystem. By generating and writing to the disk malicious .NET serialized files, an attacker can trick the product into deserializing them, resulting in arbitrary code executi...

7.2CVSS7.4AI score0.01836EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/26 6:9 a.m.9 views

CVE-2025-29953

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

9.8CVSS7.6AI score0.01777EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Database
added 2025/04/18 12:0 a.m.12 views

Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...

9.8CVSS7.6AI score0.01777EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2020/03/04 12:0 a.m.610 views

Exchange Control Panel Viewstate Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'Exchange Control Panel Viewstate Deserialization', 'Description' = %q This module exploits a .NET serialization vulnerability i...

9CVSS0.9AI score0.99965EPSS
Exploits30
Metasploit
Metasploit
added 2020/02/28 2:57 a.m.152 views

Exchange Control Panel ViewState Deserialization

This module exploits a .NET serialization vulnerability in the Exchange Control Panel ECP web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of...

8.8CVSS0.6AI score0.99965EPSS
Exploits30
Rows per page
Query Builder