Lucene search
K

264 matches found

CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

MetaGPT code issues and vulnerabilities

MetaGPT is a multi-agent framework developed by MetaGPT Inc. There are code issues and vulnerabilities in MetaGPT; these vulnerabilities stem from the deserializemessage function’s lack of verification of the data provided by users, which may lead to the deserialization of untrusted data and remo...

9.8CVSS7.6AI score0.00993EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/15 6:10 p.m.4 views

Memory Allocation with Excessive Size Value

Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the deserializebinaryform function via Remote Form endpoint. An attacker can cause excessive memory allocation by sending a specially crafted...

8.2CVSS6.9AI score0.00527EPSS
Exploits0References2
OSV
OSV
added 2026/01/07 6:36 p.m.2 views

GHSA-GW2X-Q739-QHCR RustFS gRPC GetMetrics deserialization panic enables remote DoS

Summary A malformed gRPC GetMetrics request causes getmetrics to unwrap failed deserialization of metrictype/opts, panicking the handler thread and enabling remote denial of service of the metrics endpoint. Details - Vulnerable code: rustfs/src/storage/tonicservice.rs:1775-1782: - MetricType and...

6.9CVSS6.8AI score0.00284EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/30 11:32 a.m.4 views

CVE-2025-15246 aizuda snail-job API FurySerializer.deserialize deserialization

A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has...

6.5CVSS6.4AI score0.00237EPSS
Exploits0References4
CVE
CVE
added 2025/12/30 11:32 a.m.8 views

CVE-2025-15246

Aizuda snail-job (macOS) up to version 1.7.0 is affected in the API component by FurySerializer.deserialize, where manipulating the argsStr enables deserialization leading to remote exploitation. The exploit has been publicly disclosed. Remediation: upgrade to a version newer than 1.7.0 (i.e., no...

6.5CVSS6.4AI score0.00237EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-53923

Name of the Vulnerable Software and Affected Versions aizuda snail-job versions up to 1.7.0 Description A flaw exists in the FurySerializer.deserialize function within the API component of aizuda snail-job. This issue involves the deserialization of the argsStr argument, potentially allowing for...

6.5CVSS6.5AI score0.00237EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/24 10:29 p.m.5 views

CVE-2025-13716

Tencent MimicMotion createpipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent MimicMotion. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.9AI score0.00411EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

FreeBSD : pkcs11-helper -- deserialize buffer overflow (1a46e84d-c406-11f0-b513-0da7be77c170)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1a46e84d-c406-11f0-b513-0da7be77c170 advisory. Alon Bar-Lev reports: util: fix deserialize buffer overflow. thanks to Aarnav Bos. Tenable has extracte...

6AI score
Exploits0References2
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178905

Malicious code in final-bundle-zero-string-deserialize npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176423

Malicious code in serialize-final-beta-deserialize-await npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-176503

Malicious code in scale-phi-deserialize-nu-sed npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179317

Malicious code in deserialize-rain-stub-alpha-socket npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-180456

Malicious code in alpha-deserialize-book-upsilon-pi npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179749

Malicious code in chi-bad-deserialize-throw-static npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in scale-phi-deserialize-nu-sed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3da7cfb294f277c58d7e8fe6484b55c4210fc860ea9b97bd8165568c264fb168 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179211

Malicious code in easy-kernel-deserialize-public-await npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in socket-table-grid-sigma-deserialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83c9f9e87cf6fb6b68b3cd8868d6ceb7436fee28ca2f0fa8ae049c3c30db6e5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179319

Malicious code in deserialize-double-simulate-interpret-tau npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176302

Malicious code in socket-table-grid-sigma-deserialize npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179318

Malicious code in deserialize-load-byte-delta-optimize npm...

6.6AI score
Exploits0
Rows per page
Query Builder