282 matches found
EUVD-2021-10821
Malware in sbrugna...
EUVD-2014-1688
Malware in sbrugna...
EUVD-2013-0012
Malware in sbrugna...
EUVD-2023-59223
Malicious code in bioql PyPI...
Exploit for CVE-2025-49113
CVE-2025-49113 - Roundcube Webmail Remote Code Execution Vulne...
Linux Distros Unpatched Vulnerability : CVE-2016-6199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object. CVE-2016-6199 Note that Nessus relies...
CVE-2025-55136
ERC aka Emotion Recognition in Conversation through 0.3 has insecure deserialization via a serialized object because jsonpickle is used...
CVE-2025-48780
A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object...
CVE-2006-6017
WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service application crash via a string that represents a 1 malformed or 2 large serialized object, because the object...
Security Bulletin: Apache Commons Collections library in WebSphere Application Server Knowledge Center is vulnerable (CVE-2015-7450)
Summary The Knowledge Center Component used in Version 9 of the WebSphere Application Server needs an updated Apache Commons Collections library. Vulnerability Details CVEID:CVE-2015-7450 DESCRIPTION: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT...
CVE-2024-54136 Untrusted Deserialization in ClipBucket-v5 Version 5.5.1 Revision 199 and Below
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/upload.php where the user supplied input via collection get parameter is directly provided to...
Arbitrary Code Execution
clojure is vulnerable to Arbitrary Code Execution. The vulnerability is due to the server deserializing untrusted objects. Classes can be used to construct serialized object which executes arbitrary code upon deserialization...
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization
In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...
GHSA-JGXC-8MWQ-9XQW Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization
In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...
CVE-2023-7032
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object...
CVE-2023-7032
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object...
Deserialization of untrusted data
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object...
CVE-2023-7032
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object...
CVE-2023-7032
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object...
SUSE CVE-2016-5003
The Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an element...