
78 matches found

Cvelist
added 2023/06/14 12:0 a.m. · 14 views

CVE-2023-34623

An issue was discovered in jtidy through r938 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies...

AI score 7.5 · EPSS 0.00866
Exploits 1 · References 1

OSV
added 2023/05/23 8:15 p.m. · 2 views

CVE-2023-23306

The Toybox.Ant.BurstPayload.add API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnerability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted Toybox.Ant.BurstPayload object, call its add method, overri...

CVSS 9.8 · AI score 6 · EPSS 0.01215
Exploits 1 · References 2

Talos
added 2022/12/22 12:0 a.m. · 37 views

OpenImageIO Project OpenImageIO Image Output Close denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1653 OpenImageIO Project OpenImageIO Image Output Close denial of service vulnerability December 22, 2022 CVE Number CVE-2022-43594,CVE-2022-43595 SUMMARY Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageI...

CVSS 5.9 · AI score 6.1 · EPSS 0.01255
Exploits 2

BDU FSTEC
added 2022/11/14 12:0 a.m. · 2 views

The vulnerability of the _convert_from_str() function in the numpy.core module of the NumPy library allows a hacker to initiate data copying.

The vulnerability of the _convert_from_str() function in the numpy.core module of the NumPy library for Python is related to incorrect string comparisons. Exploiting this vulnerability could allow a malicious actor to initiate data copying through specially created objects...

CVSS 5.3 · AI score 6.6 · EPSS 0.01561
Exploits 1 · References 5 · Affected Software 3

Github Security Blog
added 2022/05/14 3:30 a.m. · 27 views

Deserialization of Untrusted Data in Apache OpenJPA

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

CVSS 7.5 · AI score 4.7 · EPSS 0.09511
Exploits 0 · References 17 · Affected Software 1

Prion
added 2021/12/07 10:15 p.m. · 20 views

Design/Logic Flaw

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worke...

CVSS 5 · AI score 7.3 · EPSS 0.03206
Exploits 2 · References 4 · Affected Software 5

Positive Technologies
added 2021/05/12 12:0 a.m. · 2 views

PT-2021-7477 · Numpy +4 · Numpy +4

Name of the Vulnerable Software and Affected Versions: NumPy versions prior to 1.22.0 NumPy versions 1.9.x Description: The issue is related to an incomplete string comparison in the numpy.core component, which allows attackers to trigger slightly incorrect copying by constructing specific string...

CVSS 5.5 · AI score 6.4 · EPSS 0.01561
Exploits 4 · References 36

RedHat Linux
added 2020/12/16 12:11 p.m. · 2 views

keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution

A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution...

CVSS 8.8 · AI score 6.1 · EPSS 0.02604
Exploits 0 · References 4

Positive Technologies
added 2020/10/13 12:0 a.m. · 3 views

PT-2020-4273 · Microsoft · Windows Com Server +1

Name of the Vulnerable Software and Affected Versions: Windows COM Server affected versions not specified Description: The issue is related to errors in processing COM object creation, which can allow an attacker to elevate their privileges using a specially crafted application. To exploit this, ...

CVSS 7.8 · AI score 7.4 · EPSS 0.0096
Exploits 0 · References 6

BDU FSTEC
added 2020/05/29 12:0 a.m. · 2 views

The vulnerability of the SPPA-T3000 distributed application server, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the distributed application server SPPA-T3000 is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially created objects to one of the functions of the system...

CVSS 10 · AI score 8.2 · EPSS 0.05431
Exploits 0 · References 4

Snyk
added 2020/05/19 9:0 p.m. · 2 views

Arbitrary Code Injection

Overview serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Arbitrary Code Injection. An object like "foo": /1"/, "bar": "a"@R--0@" would be serialized as "foo": /1"/,...

CVSS 8.1 · AI score 7.2 · EPSS 0.03009
Exploits 0 · References 3

OSV
added 2019/12/12 7:15 p.m. · 2 views

CVE-2019-18319

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from...

CVSS 7.5 · AI score 7
Exploits 0 · References 1

Prion
added 2019/12/12 7:15 p.m. · 14 views

Design/Logic Flaw

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with network access to the Application Server can cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from...

CVSS 5 · AI score 7.1 · EPSS 0.01051
Exploits 0 · References 1 · Affected Software 1

CNVD
added 2019/12/11 12:0 a.m. · 1 views

Siemens SPPA-T3000 Application Server Improper Authentication Vulnerability

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants. Application Server is the application server in it, which provides the main system services including access control, distribution of data to thin clients and archiving. A...

CVSS 7.5 · AI score 6.7 · EPSS 0.01051
Exploits 0 · References 1

CNVD
added 2019/12/11 12:0 a.m. · 2 views

Siemens SPPA-T3000 improper authentication vulnerability (CNVD-2019-44769)

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. A security vulnerability exists in the Siemens SPPA-T3000. An attacker with network access to the application server could cause a denial of service condition by sending...

CVSS 7.5 · AI score 6.7 · EPSS 0.01051
Exploits 0 · References 1

CNVD
added 2019/12/11 12:0 a.m. · 1 views

Siemens SPPA-T3000 Improper Authentication Vulnerability (CNVD-2019-44768)

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. A security vulnerability exists in the Siemens SPPA-T3000. An attacker with network access to the application server could cause a denial of service condition by sending...

CVSS 7.5 · AI score 6.7 · EPSS 0.01051
Exploits 0 · References 1

CNVD
added 2019/12/11 12:0 a.m. · 1 views

Siemens SPPA-T3000 MS3000 Migration Server File Upload Vulnerability

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants. MS3000 Migration Server is one of the migration servers. A security vulnerability exists in the Siemens SPPA-T3000 MS3000 Migration Server. An attacker with network access ...

CVSS 9.8 · AI score 7.9 · EPSS 0.02793
Exploits 0 · References 1

RedHat Linux
added 2019/11/05 9:2 p.m. · 3 views

numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution

An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...

CVSS 9.8 · AI score 7.8 · EPSS 0.17078
Exploits 2 · References 4

PyPA
added 2019/01/16 5:29 a.m. · 5 views

PYSEC-2019-108

DISPUTED An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior...

CVSS 9.8 · AI score 7.9 · EPSS 0.17078
Exploits 2 · References 10 · Affected Software 1

UbuntuCve
added 2017/10/11 12:0 a.m. · 36 views

CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution...

CVSS 9.8 · AI score 7.5 · EPSS 0.15853
Exploits 1 · References 8