Unauthorized Access Via User Impersonation

Apache nifi is vulnerable to unauthorized access via user impersonation attacks. The vulnerability exists due to a possible injection attack in a cluster environment, in the proxy chain's serialization/deserialization. A malicious user can inject in their username to impersonate another user to...

Services - Highly Critical - Arbitrary Code Execution - SA-CONTRIB-2017-029

This module provides a standardized solution for building API's so that external clients can communicate with Drupal. The module accepts user submitted data in PHP's serialization format "Content-Type: application/vnd.php.serialized" which can lead to arbitrary remote code execution. This...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

Design/Logic Flaw

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

CVE-2017-3159

CVE-2017-3159 affects Apache Camel's camel-snakeyaml component, enabling Java deserialization that can lead to remote code execution when untrusted data is deserialized. The NVD entry assigns a high/critical impact (CVSS v3 base 9.8, NETWORK/LOW complexity, no authentication) with potential execu...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

OpenText Documentum D2 4.x Remote Code Execution

CVE Identifier: CVE-2017-5586 Vendor: OpenText Affected products: Documentum D2 version 4.x Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Description: Document D2 contains vulnerable BeanShell bsh and Apache Commons libraries and...

Google Android - Inter-process munmap in android.util.MemoryIntArray Vulnerability

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1001 The MemoryIntArray class allows processes to share an in-memory array of integers by transferring an ashmem file descriptor. As the class implements the Parcelable interface, ...

Node.js 模块 node-serialize 反序列化任意代码执行漏洞

原文链接：Exploiting Node.js deserialization bug for Remote Code Execution 有增改 原作者：Ajin Abraham 译：Holic 知道创宇404安全实验室 tl;dr 若不可信的数据传入 unserialize 函数，通过传递立即调用函数表达式（IIFE）的 JavaScript 对象可以实现任意代码执行。 漏洞详情 审计 Node.js 代码时，我正好看到一个名为 node-serialize 的序列号/反序列化模块。下面是一段代码示例，来自网络请求的 cookie 会传递到该模块的 unserialize 函数中。...

Code injection

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression IIFE...

Code Execution through IIFE

Overview Affected versions of node-serialize can be abused to execute arbitrary code via an immediately invoked function expression IIFE if untrusted user input is passed into unserialize. Recommendation There is no direct patch for this issue. The package author has reviewed this advisory, and...

CVE-2016-8749

It was found that Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. Camel allows such a type through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in vario...

Node.JS - node-serialize Remote Code Execution

Node.JS - node-serialize Remote Code Execution var serialize = require'node-serialize'; var payload = '"rce":"$$NDFUNC$$function require'childprocess'.exec'ls /', functionerror, stdout, stderr console.logstdout ;"'; serialize.unserializepayload;...

Node.JS - 'node-serialize' Remote Code Execution

var serialize = require'node-serialize'; var payload = '"rce":"$$NDFUNC$$function require'childprocess'.exec'ls /', functionerror, stdout, stderr console.logstdout ;"'; serialize.unserializepayload;...

CVE-2016-5898

IBM Jazz Reporting Service JRS could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information...

CVE-2016-5898

IBM Jazz Reporting Service JRS could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information...

Information disclosure

IBM Jazz Reporting Service JRS could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information...

CVE-2016-5898

IBM Jazz Reporting Service JRS could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information...

RUSTSEC-2017-0002 headers containing newline characters can split messages

Serializing of headers to the socket did not filter the values for newline bytes \r or \n, which allowed for header values to split a request or response. People would not likely include newlines in the headers in their own applications, so the way for most people to exploit this is if an...