704 matches found
CVE-2025-3426
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...
CVE-2025-3426 Use of default hardcoded credentials
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...
CVE-2025-3426 Use of default hardcoded credentials
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-enginee...
CVE-2025-3424
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specifi...
CVE-2025-3425 Unauthenticated Remote Code Execution via .NET Deserialization
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is...
CVE-2025-3424 3.2.1 Arbitrary File Read in insecure .NET Remoting TCP Channel
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specifi...
CVE-2025-3424
The CVE-2025-3424 issue affects Philips IntelliSpace Portal (versions 12 and prior) and stems from the .NET Remoting-based access on port 755 via Object Marshalling, enabling an unauthenticated attacker to read internal files by crafting specific Remoting URLs derived from client-side configurati...
CVE-2025-3424 3.2.1 Arbitrary File Read in insecure .NET Remoting TCP Channel
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specifi...
Philips IntelliSpace Portal 安全漏洞
Philips IntelliSpace Portal is an advanced medical image analysis platform from Philips Netherlands that provides multimodal image processing and automated diagnostic tools. A security vulnerability exists in Philips IntelliSpace Portal version 12 and earlier, which stems from a .NET Remoting...
io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2024-12369 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.17.0.Final <=2.2.8.Final)
org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.17.0.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...
CVE-2025-27816
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...
CVE-2025-27816
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...
CVE-2025-27816
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...
CVE-2025-27816
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...
CVE-2025-27816
CVE-2025-27816 is a vulnerability in Arctera InfoScale 7.0–8.0.2 where insecure deserialization of untrusted messages in a .NET remoting endpoint can be exploited via the Windows Plugin_Host service (used when Disaster Recovery is configured). The DR Wizard-enabled deployment exposes this endpoin...
PT-2025-10050 · Veritas · Arctera Infoscale
Name of the Vulnerable Software and Affected Versions: Arctera InfoScale versions 7.0 through 8.0.2 Description: A vulnerability was discovered in Arctera InfoScale where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The...
CVE-2021-44680
An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44682
An issue 6 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44677
An issue 1 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44681
An issue 5 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...