4165 matches found
EUVD-2023-3046
Malicious code in bioql PyPI...
EUVD-2025-8092
Malicious code in bioql PyPI...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code
...
CVE-2025-6033
There is a memory corruption vulnerability due to an out-of-bounds write in XML_Serialize when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...
unserialize-exploit
🎯 unserialize-exploit - Explore PHP Unserialization Exploits...
CVE-2025-6033 Memory Corruption issue in XML_Serialize() in NI Circuit Design Suite
There is a memory corruption vulnerability due to an out-of-bounds write in XML_Serialize when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...
PT-2025-40006
Name of the Vulnerable Software and Affected Versions: NI Circuit Design Suite versions 14.3.1 and prior Description: A memory corruption issue exists due to an out-of-bounds write within the XML_Serialize function when utilizing the SymbolEditor component. Successful exploitation requires an...
Malicious code in com.unity.serialization (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47635 Malicious code in com.unity.serialization (npm)
--- -= Per source details. Do not edit below this line.=-...
colander
This is a Python library for deserialization and validation of data structures composed of strings, mappings, and lists. It is a package that can be used to serialize an arbitrary data structure to a data structure composed of strings, mappings, and lists, and to deserialize and validate a data...
CVE-2025-59414 Nuxt Client-Side Path Traversal in Nuxt Island Payload Revival
Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, a client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...
Linux Distros Unpatched Vulnerability : CVE-2022-50339
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag in mgmt_init_hdev syzbot is again reporting attempt to...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server Pattern shipped with IBM Cloud Pak System
Summary: IBM Cloud Pak System WebSphere Application Server Pattern WAS pType is vulnerable to multiple vulnerabilities in IBM SDK. Vulnerability Details: CVEID: CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker...
CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag in mgmt_init_hdev syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed [1], for setting of HCI_MGMT flag from mgmt_init_hdev from hci_mgmt_cmd from hci_sock_sendmsg can rac...
UBUNTU-CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag in mgmt_init_hdev syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed [1], for setting of HCI_MGMT flag from mgmt_init_hdev from hci_mgmt_cmd from hci_sock_sendmsg can rac...
CVE-2022-50339
CVE-2022-50339 : In the Linux kernel Bluetooth stack, a race exists between mgmt_init_hdev() and mgmt_index_removed() where the HCI_MGMT flag testing/setting can race against testing due to missing serialization (hci_dev_lock()). The fix splits hci_dev_test_and_set_flag() into hci_dev_test_flag()...
PT-2025-38008
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt_init_hdev function due to the lack of serialization via hc...
PT-2025-38057
Name of the Vulnerable Software and Affected Versions: Greenshot versions 1.3.300 and earlier Description: Greenshot is a Windows screenshot utility. The software deserializes attacker-controlled data received in a WM_COPYDATA message using BinaryFormatter.Deserialize without prior validation or...
Apache Fory Code Issue Vulnerability
Apache Fory is a serialization framework from the Apache Foundation. A code issue vulnerability exists in Apache Fory that stems from consuming excessive CPU resources when deserializing untrustworthy data, which could lead to a denial of service attack...