13 matches found
SUSE CVE-2026-44057
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
CVE-2026-44057
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
CVE-2026-44057
CVE-2026-44057 : Netatalk versions 3.0.0–4.4.2 contain a dead bounds check in the Spotlight RPC unmarshaller, causing an unreachable code path that offers no effective bounds protection. This may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC request...
CVE-2026-44057 Dead bounds check in Spotlight RPC unmarshaller
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
CVE-2026-44057
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
EUVD-2026-31243
A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604-RCE Vulnerability A deserialization vulnerab...
Apache ActiveMQ Unauthenticated Remote Code Execution Exploit
This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16. This module requires Metasploit:...
Apache ActiveMQ Unauthenticated Remote Code Execution
This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ. Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all versions before 5.15.16. Module Options msf use...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Java Unmarshaller Security - Turning your data into code execu...
Debian Security Advisory DSA 2842-1 (libspring-java - denial of service)
Alvaro Munoz discovered a XML External Entity XXE injection in the Spring Framework which can be used for conducting CSRF and DoS attacks on other sites. The Spring OXM wrapper did not expose any property for disabling entity resolution when using the JAXB unmarshaller. There are four possible...
DSA-2842-1 libspring-java - several
Bulletin has no description...
XXE Injection in Spring Framework
Hello! I'll give you additional information concerning advisory XML External Entity XXE Injection in Spring Framework http://securityvulns.ru/docs29758.html. ------------------------- Affected products: ------------------------- - 3.0.0 to 3.2.3 Spring OXM & Spring MVC - 4.0.0.M1 Spring OXM -...