41 matches found
EUVD-2023-1748
Malicious code in bioql PyPI...
EUVD-2022-3025
Malicious code in bioql PyPI...
EUVD-2022-4176
Malicious code in bioql PyPI...
EUVD-2022-3130
Malicious code in bioql PyPI...
EUVD-2022-3350
Malicious code in bioql PyPI...
PT-2025-34530 · Undefined · Undefined
CVE-2025-57824 - "Apache Struts Deserialization Vulnerability" CVE ID : CVE-2025-57824 Published : Aug. 21, 2025, 4:15 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-33614 · Undefined · Undefined
CVE-2025-55724 - Apache Struts Remote Code Execution CVE ID : CVE-2025-55724 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33612 · Undefined · Undefined
CVE-2025-55722 - Apache Struts Cross-Site Scripting XSS CVE ID : CVE-2025-55722 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-29306 · Apache · Apache Struts
Name of the Vulnerable Software and Affected Versions: Apache Struts affected versions not specified Description: The vulnerability was rejected due to it not being used. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-2025-23324 · Undefined · Undefined
CVE-2022-44607 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2022-44607 Published : May 28, 2025, 7:15 p.m. | 2 hours, 16 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA...
PT-2025-23231 · Undefined · Undefined
CVE-2022-21150 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2022-21150 Published : May 27, 2025, 11:15 p.m. | 2 hours, 15 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visi...
PT-2025-23056 · Apache · Apache Struts
Name of the Vulnerable Software and Affected Versions: Apache Struts affected versions not specified Description: The issue concerns a deserialization vulnerability. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
CVE-2023-34149
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts. This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
CVE-2024-53677 - Apache Struts 2 Remote Code Execution Vulnerabi...
PT-2024-9392
Vulnerability Summary Name of the Vulnerable Software and Affected Versions: Apache Struts versions 2.0.0 through 2.3.37, 2.5.0 through 2.5.33, and 6.0.0 through 6.3.0.2. Description A critical flaw exists in the file upload logic of Apache Struts. An attacker can manipulate file upload parameter...
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
A week in security (December 11 – December 17)
Last week on Malwarebytes Labs: PikaBot distributed via malicious search ads; Chrome starts the countdown to the end of tracking cookies; Apple to introduce new feature that makes life harder for iPhone thieves; Recently-patched Apache Struts vulnerability used in worldwide attacks; ALPHV ransomware...
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN, short for New Kind of Network, as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent...
PT-2023-7502 · Apache · Apache Struts
Name of the Vulnerable Software and Affected Versions: Apache Struts versions 2.0.0 through 2.5.32 Apache Struts versions 6.0.0 through 6.3.0.1 Description: A critical vulnerability has been identified in Apache Struts, allowing attackers to manipulate file upload parameters and enable path...
The vulnerability of the Apache Struts software platform, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Apache Struts software platform is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...