50 matches found
EUVD-2018-8839
Malware in sbrugna...
EUVD-2022-5338
Malicious code in bioql PyPI...
EUVD-2025-19133
Malicious code in bioql PyPI...
EUVD-2025-19131
Malicious code in bioql PyPI...
Malicious code in servicestack (npm)
The package servicestack was found to contain malicious code...
MAL-2025-33014 Malicious code in servicestack (npm)
The package servicestack was found to contain malicious code...
CVE-2025-6444
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6445
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
Deserialization of Untrusted Data
Overview: ServiceStack.Text is a set of JSON, JSV and CSV text serializers. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ServiceStack.NetFxPclExport.FindType method. An attacker can execute arbitrary code by supplying a crafted path to a malicious DLL...
External Control of File Name or Path
Overview: ServiceStack is a simple and fast alternative to WCF, MVC and Web API in one cohesive framework for all your services and web apps. Affected versions of this package are vulnerable to External Control of File Name or Path in the url parameter to the GetErrorResponse method. An attacker c...
CVE-2025-6444
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6445
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6445
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6445 ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6445
CVE-2025-6445 affects ServiceStack via the FindType method, where lack of validation of a user-supplied path in file operations enables remote code execution in the context of the current process. Documented by multiple connected sources (e.g., ZDI advisory ZDI-25-416; Red Hat CVE entry) with att...
CVE-2025-6445 ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2025-6444
The CVE-2025-6444 entry covers a vulnerability in ServiceStack where the GetErrorResponse method in ServiceStack.Text improperly validates user-supplied data, enabling NTLM credential relay. The flaw derives from a type confusion condition caused by insufficient input validation, allowing a remot...
CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
ServiceStack Path Traversal Vulnerability
ServiceStack is an API for building high-performance web services from ServiceStack, Inc. A path traversal vulnerability exists in ServiceStack that stems from the FindType method not properly validating a user-supplied path, which could lead to remote code execution...