CVE-2025-5680 Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java executeScript deserialization

A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...

CVE-2025-5680

CVE-2025-5680 affects AgileBPM up to 2.5.0. Root cause: deserialization in the Groovy Script Handler, via the executeScript function in SysScriptController.java, allowing remote exploitation. Exploit described publicly; remote attack possible. Affected component: Groovy Script Handler (executeScr...

AgileBPM 代码问题漏洞

AgileBPM is an agile development platform from the China AgileBPM project. A code issue vulnerability exists in AgileBPM 2.5.0 and earlier versions, which stems from a misuse of the parameter script in the file SysScriptController.java in the component Groovy Script Handler, resulting in...

PT-2025-23973

Name of the Vulnerable Software and Affected Versions AgileBPM versions up to 2.5.0 Description A critical vulnerability was found in AgileBPM, affecting the executeScript function of the Groovy Script Handler component. The manipulation of the script argument leads to deserialization, allowing f...

CVE-2023-1003

A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...

The vulnerability of the JavaScript script handler interface of Google Chrome’s V8 engine allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JavaScript script handler interface of Google Chrome’s V8 engine is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of JavaScript script handlers in Google Chrome browsers allows attackers to partially compromise the accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome browsers relates to reading beyond the buffer boundary. Exploiting this vulnerability allows a malicious actor to partially compromise the accessibility of protected information through a specially crafted HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2024-37773 · Zmops · Argusdbm

Name of the Vulnerable Software and Affected Versions: zmops ArgusDBM version 0.1.0 Description: A critical issue was found in the getDefaultClassLoader function of the CalculateAlarm.java file, part of the AviatorScript Handler component. This issue leads to deserialization and can be exploited...

The vulnerability of the MarkStack JavaScript script handler component in the Mozilla Firefox browser allows a hacker to trigger a service failure.

The vulnerability of the MarkStack JavaScript script handler component in Mozilla Firefox relates to access to an uninitialized pointer due to incorrect use of the assignment operator. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malicious HTML page...

The vulnerability of the JavaScript script handler interface in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JavaScript script handler interface in Google Chrome and Microsoft Edge browsers is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by openin...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Windows operating system script handlers allows a perpetrator to trigger a service failure.

The vulnerability of Windows operating system script handlers is related to the issue of operations going beyond the buffer boundaries in memory when processing the dynamic library jscript9.dll. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Elasticsearch Security Vulnerabilities

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch that stems from the use of misformatted scripts in the script handler of the ingestion pipeline, which causes nodes to crash...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability in the JavaScript script handler of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to induce a service failure.

The vulnerability of JavaScript script handlers in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...