65 matches found
CVE-2026-26221
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe. An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 e.g., TimerServiceAPI.rem and...
CVE-2026-26333
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...
CVE-2026-26221 Hyland OnBase Timer Service Unauthenticated .NET Remoting RCE
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe. An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 e.g., TimerServiceAPI.rem and...
PT-2026-8030
Name of the Vulnerable Software and Affected Versions Calero VeraSMART versions prior to 2022 R1 Description An unauthenticated .NET Remoting HTTP service is exposed on TCP port 8001 in affected versions. The service publishes default ObjectURIs, including EndeavorServer.rem and...
Hyland Software Hyland OnBase 安全漏洞
Hyland OnBase is a platform developed by Hyland Software in the United States, designed for managing enterprise information and processes. Hyland OnBase has a security vulnerability. This vulnerability stems from an unauthenticated .NET Remoting exposure within the OnBase Workflow Timer Service...
PT-2026-7997
Name of the Vulnerable Software and Affected Versions Hyland OnBase affected versions not specified Description The software contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe and the Workview Timer Service. An attacker...
CVE-2026-23746 Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
CVE-2026-23746 Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
EUVD-2026-2714
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
CVE-2025-34394
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...
CVE-2025-34395
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
Barracuda Service Center 代码问题漏洞
Barracuda Service Center is a service center software from Barracuda USA. A code issue vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which stems from insufficient protection of the .NET Remoting service and could lead to remote code execution...
CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...
CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...
PT-2025-50149
Name of the Vulnerable Software and Affected Versions Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x through 6.10.5 and versions prior to 6.11.1 Description The software has an insecure .NET Remoting exposure in the Legacy Remoting...
EUVD-2025-24595
Malicious code in bioql PyPI...
CVE-2025-58384
In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code execution through the .NET Remoting library in the Watchdoc administration interface...
CVE-2025-58384
In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code execution through the .NET Remoting library in the Watchdoc administration interface...
Doxense Watchdoc 安全漏洞
Doxense Watchdoc is a print management and cost control software from Doxense France. A security vulnerability exists in Doxense Watchdoc versions prior to 6.1.1.5332, which stems from the .NET Remoting library deserializing untrustworthy data, which could lead to remote code execution...