768 matches found
EUVD-2025-20346
Malicious code in bioql PyPI...
EUVD-2022-34245
Malicious code in bioql PyPI...
EUVD-2023-2127
Malicious code in bioql PyPI...
EUVD-2025-20343
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-10492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute...
CVE-2025-10492
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
CVE-2025-59340 jinjava Sandbox Bypass via JavaType-Based Deserialization
jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory.constructFromCanonical, it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classe...
GHSA-7C3F-CG9X-F3GR JasperReports has a Java deserialisation vulnerability
A Java deserialisation vulnerability has been discovered in the Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
JasperReports has a Java deserialisation vulnerability
A Java deserialisation vulnerability has been discovered in the Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
CVE-2025-10492
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
CVE-2025-10492
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
UBUNTU-CVE-2025-10492
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
CVE-2025-10492
CVE-2025-10492 describes a Java deserialization vulnerability in the Jaspersoft Library (part of JasperReports). The issue arises from improper handling of externally supplied data, enabling attackers to execute arbitrary code remotely on systems using the affected library. The vulnerability is s...
PT-2025-38055
Name of the Vulnerable Software and Affected Versions Jaspersoft Library affected versions not specified Description A Java deserialisation issue has been identified in Jaspersoft Library. Improper handling of externally supplied data could allow attackers to execute arbitrary code remotely...
marshalsec
It is an offensive tool for Java deserialization vulnerabilities. The repository contains a Java tool called "marshalsec" that exploits Java object deserialization vulnerabilities, allowing for remote code execution. The tool includes payload generators for various Java serialization libraries,...
SEAT Queue Ticket Kiosk 代码问题漏洞
SEAT Queue Ticket Kiosk is a queue caller from SEAT. A code issue vulnerability exists in SEAT Queue Ticket Kiosk 20250827 and prior versions, which stems from a deserialization issue in the Java RMI Registry Handler component that could lead to a local network attack...
CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...