CLSA-2026-1777369264 wireshark: Fix of CVE-2022-0586

CVE-2022-0586: fix infinite loop in RTMPT dissector rtmptgetamflength...

PT-2025-50515

Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through AMF-encoded object manipulation. Attackers can send crafted serialized objects to the /messagebroker/amf endpoint to create administrative...

EUVD-2018-1076

Malware in sbrugna...

EUVD-2013-0463

Malware in sbrugna...

The vulnerability of the SolarWinds Security Event Manager (SEM), previously known as SolarWinds Log & Event Manager, related to deserialization flaws, allows a hacker to execute arbitrary code.

The vulnerability of the Security Event Manager SEM, a software tool for monitoring network infrastructure formerly known as SolarWinds Log & Event Manager, is related to deficiencies in the deserialization mechanism when processing AMF Action Message Format data. Exploiting this vulnerability...

PYSEC-2020-339

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

Cisco Secure Access Control System Remote Code Execution Vulnerability

Cisco Secure Access Control System ACS is the United States Cisco Cisco a set of security access control system. The system can be through the RADIUS, TACACS protocol for network access and network device access control respectively. ACS Report is one of the system report generation component. An...

UBUNTU-CVE-2017-5878

The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data...

PT-2018-27: Arbitrary Command Execution in Cisco Secure ACS

The specialists of the Positive Research center have detected an Arbitrary Command Execution vulnerability in Cisco Secure ACS. A vulnerability in Cisco Secure Access Control System ACS, due to insufficient validation of the Action Message Format AMF protocol, allows unauthenticated, remote...

Action Message Format (AMF3) Java Remote Code Execution Vulnerability

AMF3 is the latest version of Adobe Action Message Format, a compressed binary format for graphical serialization of ActionScript objects. A Java remote code execution vulnerability exists in Action Message Format, which could allow an attacker to execute arbitrary code during an AMF3...

Java AMF3 deserialization vulnerability analysis-vulnerability warning-the black bar safety net

AMF Action Message Format is a binary serialization format, before the main Flash application in using this format. Recently, the Code White found to have multiple Java AMF library in the presence of vulnerabilities, and these vulnerabilities will lead to unauthenticated remote code execution...

VMware vCenter Server BlazeDS Component Remote Code Execution Vulnerability

VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A remote code execution vulnerability exists...

The vulnerability of the Flash Player software, which allows a perpetrator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code as a result of serializing the Action Message Format...

The vulnerability of the Flash Player software, which allows a perpetrator to execute arbitrary code

The vulnerability of the Action Message Format component of the Flash Player software platform is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code as a result of serialization using the Action Message Format AFM0...

flash-plugin: multiple code execution issues fixed in APSB16-39

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization AFM0. Successful exploitation could lead to arbitrary code execution...

PT-2016-2951 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 23.0.0.207 and earlier Adobe Flash Player versions 11.2.202.644 and earlier Description: The issue is related to a use after free vulnerability in the Action Message Format serialization. This vulnerability can be...