CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

78 matches found

Chainguard•added 2026/02/02 1:17 p.m.•2 views

GHSA-W3C8-7R8F-9JP8 vulnerabilities

Vulnerabilities for packages: seata...

5.2AI score

Exploits0

Chainguard•added 2026/02/02 1:17 p.m.•11 views

CVE-2024-38828 vulnerabilities

Vulnerabilities for packages: seata...

5.3CVSS7.3AI score0.00729EPSS

Exploits0

Chainguard•added 2025/10/17 1:22 p.m.•4 views

GHSA-JQ43-27X9-3V86 vulnerabilities

Vulnerabilities for packages: hadoop-fips, celeborn, tez, trino, management-api-for-apache-cassandra-4.1, seata, apache-hop-fips, pinot, management-api-for-apache-cassandra-5.0, management-api-for-apache-cassandra-4.0, thingsboard, pinot-fips, apache-hop...

5.8AI score

Exploits0

Chainguard•added 2025/10/17 1:22 p.m.•11 views

CVE-2025-59419 vulnerabilities

6.9CVSS6.8AI score0.01617EPSS

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-23981

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00561EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-6741

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00567EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-6743

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.01088EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-19540

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01683EPSS

Exploits0References4

Veracode•added 2025/08/29 7:33 a.m.•3 views

Deserialization Of Untrusted Data

org.apache.seata:seata-serializer-fury is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure deserialization due to improper handling of untrusted input data, which could allow attackers to execute arbitrary code...

9.8CVSS7.3AI score0.00561EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2025/08/10 10:39 a.m.•13 views

CVE-2025-53606

Deserialization of Untrusted Data vulnerability in Apache Seata incubating. This issue affects Apache Seata incubating: 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue...

9.8CVSS6.8AI score0.00561EPSS

Exploits0References1

Snyk•added 2025/08/08 12:32 p.m.•4 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the FurySerializerFactory class, which handles serialized data. An attacker can execute arbitrary code by submitting crafted input to the affected component. Details Serialization is a process of...

9.8CVSS7.8AI score0.00561EPSS

Exploits0References2

vulnersOsv•added 2025/08/08 12:32 p.m.•4 views

cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)

org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...

9.8CVSS5.8AI score0.00561EPSS

Exploits0

OSV•added 2025/08/08 12:32 p.m.•4 views

GHSA-G358-G2PQ-C46J Apache Seata: Deserialization of untrusted Data in Apache Seata Server

9.3CVSS6.6AI score0.00561EPSS

Exploits0References5

Github Security Blog•added 2025/08/08 12:32 p.m.•9 views

Apache Seata: Deserialization of untrusted Data in Apache Seata Server

9.8CVSS6.2AI score0.00561EPSS

Exploits0References5Affected Software1

NVD•added 2025/08/08 10:15 a.m.•9 views

CVE-2025-53606

9.8CVSS0.00561EPSS

Exploits0References2

OSV•added 2025/08/08 10:15 a.m.•4 views

CVE-2025-53606

9.8CVSS7.1AI score

Exploits0References2

Cvelist•added 2025/08/08 9:22 a.m.•10 views

CVE-2025-53606 Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server

0.00561EPSS

Exploits0References1

Vulnrichment•added 2025/08/08 9:22 a.m.•3 views

CVE-2025-53606 Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server

6.3AI score0.00561EPSS

Exploits0References1

CVE•added 2025/08/08 9:22 a.m.•31 views

CVE-2025-53606

CVE-2025-53606 describes a Deserialization of Untrusted Data vulnerability in Apache Seata (incubating) affecting version 2.4.0 . The issue allows high-severity impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network-prioritized exploitation and no user interaction required. The recom...

9.8CVSS6.4AI score0.00561EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2025/08/08 12:0 a.m.•6 views

The vulnerability of the distribution and transaction optimization software in the Apache Seata microservice architecture, related to shortcomings in the deserialization mechanism, allows attackers to trigger service failures.

The vulnerability of distribution software and the improvement of transaction performance in the architecture of Apache Seata microservices is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to trigger service failures through a...

10CVSS8AI score0.01683EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by