66 matches found
EUVD-2022-47500
Malicious code in bioql PyPI...
EUVD-2023-0042
Malicious code in bioql PyPI...
EUVD-2022-4922
Malicious code in bioql PyPI...
EUVD-2022-5807
Malicious code in bioql PyPI...
UBUNTU-CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...
Linux Distros Unpatched Vulnerability : CVE-2018-5344
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lorelease serialization, which allows attackers to cause a denial of service lockacquire...
Astra Linux – Vulnerability in Python 3.11
There is a medium-severity vulnerability affecting CPython. The email module does not properly quote newlines for email headers when serializing an email message, allowing for header injection when an email is serialized...
CVE-2023-27372
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1...
CVE-2023-26548
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability...
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components...
CVE-2021-24028
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00...
CVE-2019-0189
The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the "webtools/control/httpService" URL, and uses Java deserialization to perform code execution. In the HttpEngine, the value of the request parameter "serviceContext" is passed to the...
CVE-2025-4641
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...
K000150901: Linux kernel vulnerability CVE-2024-46713
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event-mmapmutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order...
CVE-2025-27830
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47739)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47739 advisory. - In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to preve...
USN-7096-2 openjdk-8 regressions
USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under...
CVE-2024-40624
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...
BIT-PYTHON-MIN-2024-6923 Email header injection due to unquoted newlines
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU bsc1232064: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702,JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete...