138 matches found
EUVD-2023-59140
Malicious code in bioql PyPI...
EUVD-2024-2024
Malicious code in bioql PyPI...
CVE-2025-53693
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Sitecore Sitecore Experience Manager XM, Sitecore Experience Platform XP allows Cache Poisoning.This issue affects Sitecore Experience Manager XM: from 9.0 through 9.3, from 10.0 through 10.4;...
Yii Framework < 2.0.52 Unsafe Reflection Regression (GHSA-ggwg-cmwp-46r5)
The version of Yii Framework installed on the remote host is prior to 2.0.52. It is, therefore, affected by an unsafe reflection vulnerability. - Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an class array key, a CVE-2024-4990 regression, as exploited in the wild in...
CVE-2025-53693
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Sitecore Sitecore Experience Manager XM, Sitecore Experience Platform XP allows Cache Poisoning.This issue affects Sitecore Experience Manager XM: from 9.0 through 9.3, from 10.0 through 10.4;...
CVE-2025-53693 HTML Cache Poisoning through Unsafe Reflections
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Sitecore Sitecore Experience Manager XM, Sitecore Experience Platform XP allows Cache Poisoning.This issue affects Sitecore Experience Manager XM: from 9.0 through 9.3, from 10.0 through 10.4;...
CVE-2025-53693
CVE-2025-53693 is an HTML cache poisoning vulnerability in Sitecore Experience Manager (XM) and Experience Platform (XP) caused by using externally-controlled input to select classes or code (Unsafe Reflection). Affected products: XM 9.0–9.3 and 10.0–10.4; XP 9.0–9.3 and 10.0–10.4. The underlying...
CVE-2025-53693 HTML Cache Poisoning through Unsafe Reflections
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Sitecore Sitecore Experience Manager XM, Sitecore Experience Platform XP allows Cache Poisoning.This issue affects Sitecore Experience Manager XM: from 9.0 through 9.3, from 10.0 through 10.4;...
Linux Distros Unpatched Vulnerability : CVE-2018-1000613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlle...
(0Day) Microsoft SharePoint GetTransformer Unsafe Reflection Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the GetTransformer method. The issue results from t...
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Overview commons-beanutils:commons-beanutils is a provides an easy-to-use but flexible wrapper around reflection and introspection. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the getProperty and...
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Overview org.apache.commons:commons-beanutils2 is a package that provides an easy-to-use but flexible wrapper around reflection and introspection. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the getProper...
CVE-2024-1574
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...
CVE-2025-3600
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...
Telerik UI for ASP.NET AJAX Unsafe Reflection (CVE-2025-3600)
In Progress Telerik UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service. Note that Nessus has not tested for this issue but has instead relied only on th...
CVE-2025-3600
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...
CVE-2025-3600 Unsafe Reflection Vulnerability in Telerik UI for ASP.NET AJAX
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...
CVE-2025-3600 Unsafe Reflection Vulnerability in Telerik UI for ASP.NET AJAX
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...
CVE-2025-3600
CVE-2025-3600 affects Progress Telerik UI for ASP.NET AJAX, versions 2011.2.712 to 2025.1.218, due to an unsafe reflection vulnerability that may cause an unhandled exception, crashing the hosting process and leading to denial of service. Public sources (NVD/Red Hat/Nessus references) confirm the...
PT-2025-21164
Name of the Vulnerable Software and Affected Versions Progress Telerik UI for AJAX versions 2011.2.712 through 2025.1.218 Description An unsafe reflection issue exists in Progress Telerik UI for AJAX. This flaw can lead to an unhandled exception, potentially causing a crash of the hosting process...