109 matches found
EUVD-2016-9872
Malware in sbrugna...
EUVD-2019-0345
Malware in sbrugna...
EUVD-2016-9874
Malware in sbrugna...
EUVD-2016-9870
Malware in sbrugna...
EUVD-2016-9871
Malware in sbrugna...
EUVD-2023-2318
Malicious code in bioql PyPI...
MAL-2025-47758 Malicious code in django-aerospike-sessions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 feba434f8a55ca606e9301308486d6d3d6f518430157438198d692432c18da23 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in django-aerospike-sessions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 feba434f8a55ca606e9301308486d6d3d6f518430157438198d692432c18da23 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
aerospike-vector-search (>=1.0.0 <=4.2.0), agent-amory-core (=0.1.1) +438 more potentially affected by CVE-2025-4565 via protobuf (>=5.26.0rc2 <=5.29.4)
protobuf PYPI version =5.26.0rc2, =1.0.0, =0.1.0, =0.1.0, =0.82.3, =2.47.9, =0.1.8, =0.1.4, =0.0.10, =0.4.1, =1.0.3, =1.0.0, =0.1.1, =0.5.0, =0.7.3, =0.7.4 and more Source cves: CVE-2025-4565 Source advisory: OSV:GHSA-8QVM-5X2C-J2W7...
aerospike-vector-search (>=1.0.0 <=4.2.0), agent-amory-core (=0.1.1) +438 more potentially affected by CVE-2025-4565 via protobuf (>=5.26.0rc2 <=5.29.4)
protobuf PYPI version =5.26.0rc2, =1.0.0, =0.1.0, =0.1.0, =0.82.3, =2.47.9, =0.1.8, =0.1.4, =0.0.10, =0.4.1, =1.0.3, =1.0.0, =0.1.1, =0.5.0, =0.7.3, =0.7.4 and more Source cves: CVE-2025-4565 Source advisory: SNYK:PYTHON-PROTOBUF-10364902...
CVE-2023-36480
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
Arbitrary Code Execution
com.aerospike:aerospike-client is vulnerable to Arbitrary Code Execution. The vulnerability is due untrusted deserialization during client side message validation, which allows for an attacker to trick a client into connecting to a malicious server, which will then execute arbitrary code when the...
CVE-2023-36480
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480
CVE-2023-36480 affects the Aerospike Java Client. The vulnerability arises from unsafe deserialization of server-provided data: messages may contain Java objects that the client deserializes via JBLOB payloads using Java’s ObjectInputStream, without sufficient validation. This can lead to Remote ...
Aerospike Code Issue Vulnerability
Aerospike is a NoSQL database solution from Aerospike, Inc. A code issue vulnerability exists in Aerospike Java versions prior to 7.0.0 that stems from the presence of a deserialization vulnerability. An attacker can exploit this vulnerability to include specially crafted objects in a response an...
Deserialization of Untrusted Data
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
com.aerospike:aerospike-connect-inbound-sdk (>=0.9.7 <=1.2.0), com.aerospike:aerospike-document-api (>=0.5.0 <=1.1.3) +36 more potentially affected by CVE-2023-36480 via com.aerospike:aerospike-client (>=5.0.0 <=5.1.9)
com.aerospike:aerospike-client MAVEN version =5.0.0, =0.9.7, =0.5.0, =1.0.0, =5.0.3, =1.1.0, =0.7.0, =0.7.0, =0.7.0, =3.0.0, =0.7.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2023-36480 Source advisory: OSV:GHSA-JJ95-55CR-9597...