5 matches found
EUVD-2025-115610
Malicious code in castor-webdriverio-fornax-release-it npm...
SUSE CVE-2014-3004
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted XML document...
marshalsec
This repository is an offensive tool for Java deserialization exploitation. It is a Java-based tool that exploits Java object deserialization vulnerabilities, which can lead to remote code execution RCE and other security issues. The tool includes payload generators for various Java marshalling...
marshalsec
This is a Java-based tool for exploiting Java object deserialization vulnerabilities, specifically targeting BlazeDS AMF Action Message Format versions 0, 3, and X. The tool, named "marshalsec," is designed to test and demonstrate the exploitation of these vulnerabilities, which can lead to remot...
marshalsec
This repository is an offensive tool for Java deserialization exploitation. It is a Java-based tool for exploiting Java object deserialization vulnerabilities, which can lead to remote code execution RCE and other security issues. The tool includes various payload generators for different Java...