CVE-2026-39906

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling...

CVE-2026-23746

Entrust Instant Financial Issuance (IFI) On Premise (CardWizard) software versions 5.x before 6.10.5 and before 6.11.1 expose the SmartCardControllerService (DCG.SmartCardControllerService.exe) to insecure .NET Remoting. The service registers a TCP remoting channel with unsafe formatter/settings,...

EUVD-2022-5291

Malicious code in bioql PyPI...

CVE-2024-32499

CVE-2024-32499 affects Newforma Project Center Server up to version 2023.3.0.32259, where remote code execution is possible because .NET Remoting is exposed. The connected PT-security entry confirms the vulnerability class and impact, describing that remote code execution can occur via exposed .N...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Remoting: DoS by file descriptor exhaustion

The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service file descriptor consumption via...