CVE-2026-25551

Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack...

CVE-2020-6967

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data...

CVE-2025-27816

A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...

PT-2025-10050 · Veritas · Arctera Infoscale

Name of the Vulnerable Software and Affected Versions: Arctera InfoScale versions 7.0 through 8.0.2 Description: A vulnerability was discovered in Arctera InfoScale where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The...

PT-2024-5496 · Jenkins +2 · Jenkins +2

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.470 and earlier, LTS versions 2.452.3 and earlier Description: A critical issue in Jenkins allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method ...

Security feature bypass

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."...