4211 matches found
security flaw
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition...
CVE-2004-1068
CVE-2004-1068 involves a missing serialization flaw in the unix_dgram_recvmsg path of Linux kernels 2.4.27 and earlier, and 2.6.x up to 2.6.9. The issue enables local users to potentially gain privileges due to a race condition. The description explicitly states the vulnerability is a local privi...
Python 1.5.2 Pickle - Unsafe eval() Code Execution
Python 1.5.2 Pickle - Unsafe eval() Code Execution source: https://www.securityfocus.com/bid/5255/info Python is an open source, object oriented programming language. The Python Pickle module is provided to convert object variables into a serialized form ("pickling"), and later recover the data back...
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT (simple asynchronous file transfer) protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction...
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT (simple asynchronous file transfer) protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction with other problems found in the daemon, it may be...
CVE-2022-40154
Removed by vendor...
Cookie serialization vulnerability
More info at https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30...
CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure
Impact: ResourceBundle accepts and uses any serialisation groups passed via an HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...
CVE-2019-18889: Forbid serializing AbstractAdapter and TagAwareAdapter instances
More info at https://symfony.com/cve-2019-18889...