CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

74 matches found

Chainguard•added 2026/02/02 1:17 p.m.•2 views

GHSA-W3C8-7R8F-9JP8 vulnerabilities

Vulnerabilities for packages: seata...

5.2AI score

Exploits0

Chainguard•added 2026/02/02 1:17 p.m.•6 views

CVE-2024-38828 vulnerabilities

Vulnerabilities for packages: seata...

5.3CVSS7.3AI score0.00076EPSS

Exploits0

Chainguard•added 2025/10/17 1:22 p.m.•9 views

CVE-2025-59419 vulnerabilities

Vulnerabilities for packages: management-api-for-apache-cassandra-5.0, celeborn, seata, hadoop-fips, thingsboard, management-api-for-apache-cassandra-4.1, trino, management-api-for-apache-cassandra-4.0, tez, apache-hop, pinot-fips, apache-hop-fips...

6.9CVSS6.8AI score0.00237EPSS

Exploits0

Chainguard•added 2025/10/17 1:22 p.m.•2 views

GHSA-JQ43-27X9-3V86 vulnerabilities

5.8AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-19540

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00523EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-6741

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00149EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-6743

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.0019EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-23981

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00427EPSS

Exploits0References3

Veracode•added 2025/08/29 7:33 a.m.•1 views

Deserialization Of Untrusted Data

org.apache.seata:seata-serializer-fury is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure deserialization due to improper handling of untrusted input data, which could allow attackers to execute arbitrary code...

9.8CVSS7.3AI score0.00427EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2025/08/10 10:39 a.m.•6 views

CVE-2025-53606

Deserialization of Untrusted Data vulnerability in Apache Seata incubating. This issue affects Apache Seata incubating: 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue...

9.8CVSS6.8AI score0.00427EPSS

Exploits0References1

Snyk•added 2025/08/08 12:32 p.m.•3 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the FurySerializerFactory class, which handles serialized data. An attacker can execute arbitrary code by submitting crafted input to the affected component. Details Serialization is a process of...

9.8CVSS7.8AI score0.00427EPSS

Exploits0References2

OSV•added 2025/08/08 12:32 p.m.•4 views

GHSA-G358-G2PQ-C46J Apache Seata: Deserialization of untrusted Data in Apache Seata Server

9.3CVSS6.6AI score0.00427EPSS

Exploits0References5

vulnersOsv•added 2025/08/08 12:32 p.m.•1 views

cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)

org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...

9.8CVSS5.8AI score0.00427EPSS

Exploits0

Github Security Blog•added 2025/08/08 12:32 p.m.•8 views

Apache Seata: Deserialization of untrusted Data in Apache Seata Server

9.8CVSS6.2AI score0.00427EPSS

Exploits0References5Affected Software1

NVD•added 2025/08/08 10:15 a.m.•5 views

CVE-2025-53606

9.8CVSS0.00427EPSS

Exploits0References2

OSV•added 2025/08/08 10:15 a.m.•3 views

CVE-2025-53606

9.8CVSS7.1AI score

Exploits0References2

Cvelist•added 2025/08/08 9:22 a.m.•8 views

CVE-2025-53606 Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server

0.00427EPSS

Exploits0References1

CVE•added 2025/08/08 9:22 a.m.•20 views

CVE-2025-53606

CVE-2025-53606 describes a Deserialization of Untrusted Data vulnerability in Apache Seata (incubating) affecting version 2.4.0 . The issue allows high-severity impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network-prioritized exploitation and no user interaction required. The recom...

9.8CVSS6.4AI score0.00427EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/08/08 9:22 a.m.•2 views

CVE-2025-53606 Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server

6.3AI score0.00427EPSS

Exploits0References1

Positive Technologies•added 2025/08/08 12:0 a.m.•4 views

PT-2025-32351 · Apache · Apache Seata

Name of the Vulnerable Software and Affected Versions: Apache Seata incubating version 2.4.0 Description: The software is susceptible to a deserialization of untrusted data issue. Successful exploitation of this issue could allow attackers to execute arbitrary code. The vulnerability impacts...

9.8CVSS7.5AI score0.00427EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by