ALPINE-CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

UBUNTU-CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

CVE-2024-6923

CVE-2024-6923 is noted in a connected document as affecting the TensorFlow package on affected systems for versions less than 2.16.1-9; a patched version is available. No other technical details (root cause, exploit, or vectors) are provided in the sources.

CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python that stems from a failure of the email module to properly reference line...

Ubuntu 14.04 LTS : Apache Commons Collections vulnerability (USN-6936-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6936-1 advisory. It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to...

USN-6936-1: Apache Commons Collections vulnerability

It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to execute arbitrary code...

USN-6936-1 libcommons-collections3-java vulnerability

It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to execute arbitrary code...

CVE-2024-39673

Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2024-39673

Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

PT-2024-28613 · Iaware · Iaware

Name of the Vulnerable Software and Affected Versions: iAware module affected versions not specified Description: The issue is related to a serialisation/deserialisation mismatch in the iAware module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At th...

CVE-2024-5625

Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics Apinizer Management Console allows Data Serialization External Entities Blowup. This issue affects Apinizer Management Console: before 2024.05.1...

CVE-2024-5625

Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics Apinizer Management Console allows Data Serialization External Entities Blowup. This issue affects Apinizer Management Console: before 2024.05.1...

CVE-2024-5625 XML External Entity Injection in PruvaSoft Informatics' Apinizer Management Console

Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics Apinizer Management Console allows Data Serialization External Entities Blowup. This issue affects Apinizer Management Console: before 2024.05.1...

CVE-2024-5625 XML External Entity Injection in PruvaSoft Informatics' Apinizer Management Console

Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics Apinizer Management Console allows Data Serialization External Entities Blowup. This issue affects Apinizer Management Console: before 2024.05.1...

PT-2024-36773 · Unknown · Apinizer Management Console

Name of the Vulnerable Software and Affected Versions: Apinizer Management Console versions prior to 2024.05.1 Description: The issue is related to an Improper Restriction of XML External Entity Reference, which allows Data Serialization External Entities Blowup. Recommendations: For versions pri...

Atlassian Jira Service Management Data Center and Server < 5.4.18 / 5.5.x < 5.8.0 / 5.12.0 (JSDSERVER-15436)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15436 advisory. - XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote...

Remote Code Execution (RCE)

torrentpier/torrentpier is vulnerable to Remote Code Execution RCE. The vulnerability is due to the unsafe handling of user-controlled data specifically cookies within the gettracks function in torrentpier/library/includes/functions.php, where unsafe usage of PHP's native serialization format...