CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...

DEBIAN-CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

UBUNTU-CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...

PT-2025-7615

Name of the Vulnerable Software and Affected Versions Exim versions 4.98 through 4.98.0 Description The issue allows remote SQL injection when SQLite hints and ETRN serialization are used. This could potentially allow a remote attacker to perform SQL injection, possibly stealing sensitive data or...

Exim 安全漏洞

Exim is an open source messaging agent MTA from Exim Open Source that runs on Unix systems and is responsible for routing, forwarding and delivering mail. A security vulnerability exists in Exim prior to version 4.98.1 that stems from allowing remote SQL injection when using SQLite hints and ETRN...

exim -- SQL injection

[email protected] reports: Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...

CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

CVE-2025-26794

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

Remote Code Execution (RCE)

Apache Ignite is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper deserialization due to the configured Class Serialization Filters being ignored for some Ignite endpoints, allowing an attacker to send a maliciously crafted message that executes arbitrary code on the...

CVE-2024-52577

A flaw was found in Apache Ignite. This vulnerability allows remote code execution via specially crafted Ignite messages that bypass Class Serialization Filters. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Securit...

GHSA-8355-XJ3P-HV6Q Apache Ignite: Possible RCE when deserializing incoming messages by the server node

In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to Class Serialization Filters being ignored for some Ignite endpoints. An attacker can execute arbitrary code on the server by sending a crafted message containing a vulnerable object whose class i...

CVE-2024-52577

In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...

CVE-2024-52577

In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...

CVE-2024-52577 Apache Ignite: Possible RCE when deserializing incoming messages by the server node

In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...

CVE-2024-52577 Apache Ignite: Possible RCE when deserializing incoming messages by the server node

In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...

CVE-2024-52577

CVE-2024-52577 concerns Apache Ignite: versions 2.6.0 through

SUSE CVE-2024-45772

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

Apache Ignite 安全漏洞

Apache Ignite is a high-performance, integrated and distributed in-memory computing and transaction management platform for large-scale dataset processing from the Apache Foundation USA. A security vulnerability exists in Apache Ignite version 2.6.0 through versions prior to 2.17.0 that stems fro...