Lucene search
+L

298 matches found

nuclei
nuclei
added yesterday17 views

Apache Dubbo 2.5.x-2.7.4 - Insecure Deserialization

Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4,...

9.8CVSS7AI score0.35319EPSS
Exploits2References4
vulnersosv
vulnersosv
added 2026/06/08 11:1 p.m.8 views

ai.h2o:h2o-algos (=0.1.9), ai.h2o:h2o-app (=0.1.9) +2053 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-kqueue (>=4.1.11.Final <=4.1.134.Final)

io.netty:netty-transport-native-kqueue MAVEN version =4.1.11.Final, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.1.0, =0.0.1, =2.4.0, =1.5.0, =3.0.0, =3.0.0, =3.0.1 and more Source cves: CVE-2026-45536 Source advisory: OSV:GHSA-W573-9FFJ-6FF9...

4CVSS5.7AI score0.00136EPSS
Exploits0
githubexploit
githubexploit
added 2026/06/02 7:3 a.m.92 views

hermes-sidecar-poc

Hermes PoC — Pod + Nacos + Math microservice Dubbo Triple S...

5.8AI score
Exploits0
githubexploit
githubexploit
added 2026/04/16 1:55 p.m.243 views

Exploit for CVE-2026-22679

CVE-2026-22679: Weaver E-cology Unauthenticated RCE via dubboA...

9.8CVSS6.7AI score0.2148EPSS
Exploits1
cvelist
cvelist
added 2026/04/07 12:51 p.m.27 views

CVE-2026-22679 Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS0.2148EPSS
Exploits1References4
osv
osv
added 2026/03/18 12:48 p.m.5 views

MAL-2026-1720 Malicious code in dubbo-web-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89acd0553894e9764e6be95bd53e03f5ecab30099098b94c5f7e74e44af8695 The package dubbo-web-example was found to contain malicious code...

5.8AI score
Exploits0
ossf
ossf
added 2026/03/18 12:48 p.m.8 views

Malicious code in dubbo-web-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89acd0553894e9764e6be95bd53e03f5ecab30099098b94c5f7e74e44af8695 The package dubbo-web-example was found to contain malicious code...

5.8AI score
Exploits0
ossf
ossf
added 2025/12/16 7:5 a.m.7 views

Malicious code in dubbo-js-private-workspace (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d7718e849fa01a112b317438650757b783681fbb3361ec73154005719f6f892 The package dubbo-js-private-workspace was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References3
snyk
snyk
added 2025/12/16 7:5 a.m.1 views

Malicious Package

Overview dubbo-js-private-workspace is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
euvd
euvd
added 2025/12/16 7:5 a.m.3 views

EUVD-2025-203513

Malicious code in dubbo-js-private-workspace npm...

6.6AI score
Exploits0References1
osv
osv
added 2025/12/16 7:5 a.m.6 views

MAL-2025-192586 Malicious code in dubbo-js-private-workspace (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d7718e849fa01a112b317438650757b783681fbb3361ec73154005719f6f892 The package dubbo-js-private-workspace was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References3
veracode
veracode
added 2025/12/13 5:9 a.m.13 views

Remote Code Execution (RCE)

org.apache.dubbo:dubbo is vulnerable to Remote Code Execution RCE. The vulnerability is due to insecure deserialization handling in hessian-lite during exception logging, which allows an attacker to execute malicious code through crafted serialized data...

9.8CVSS7.5AI score0.15313EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.34 views

EUVD-2021-2105

Malware in sbrugna...

8.8CVSS8.5AI score0.02019EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.16 views

EUVD-2021-2103

Malware in sbrugna...

9.8CVSS9.2AI score0.02467EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2100

Malware in sbrugna...

9.8CVSS9.2AI score0.06742EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2042

Malware in sbrugna...

9.8CVSS9.1AI score0.02905EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-1367

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.60427EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1521

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.61463EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1324

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.04197EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-1431

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.02073EPSS
Exploits0References3
Rows per page
Query Builder