439 matches found
EUVD-2025-32588
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
EUVD-2025-32586
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
EUVD-2025-32587
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11346
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
CVE-2025-11346 ILIAS Base64 Decoding unserialize deserialization
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
CVE-2025-11346 ILIAS Base64 Decoding unserialize deserialization
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
CVE-2025-11346 ILIAS Base64 Decoding unserialize deserialization
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
CVE-2025-11346
The CVE concerns ILIAS up to versions 8.23/9.13/10.1 where the Base64 Decoding Handler’s unserialize function is exploitable by manipulating the f_settings argument, enabling deserialization and a remote attack. The issue’s root cause is improper handling of f_settings in the unserialize flow. Im...
CVE-2025-11344
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345
CVE-2025-11345 affects ILIAS up to versions 8.23, 9.13, and 10.1, where the unserialize function in the Test Import component is vulnerable to deserialization, enabling a remote attack. The issue stems from improper handling of deserialization within Test Import, with remote initiation possible. ...
CVE-2025-11344 ILIAS Certificate Import code injection
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
CVE-2025-11344 ILIAS Certificate Import code injection
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
CVE-2025-11344
CVE-2025-11344 affects the ILIAS open-source learning platform in versions up to 8.23, 9.13, and 10.1. The vulnerability involves an unknown function within the Certificate Import Handler that can be manipulated to achieve Remote Code Execution . Exploitation may be possible remotely. A fix is pu...
CVE-2025-11344 ILIAS Certificate Import code injection
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
ILIAS 代码问题漏洞
ILIAS is an open source learning management system. A code issue vulnerability exists in ILIAS versions 8.23 and earlier, 9.13 and earlier, and 10.1 and earlier, which stems from improper handling of the Test Import component's deserialization function, which could lead to remote code execution...
ILIAS 代码问题漏洞
ILIAS is an open source learning management system from ILIAS Open Source. A code issue vulnerability exists in ILIAS versions 8.23 and earlier, 9.13 and earlier, and 10.1 and earlier, which stems from improper deserialization of the parameter fsettings in the Base64 Decoding Handler component,...