25 matches found
EUVD-2024-50702
Malicious code in bioql PyPI...
EUVD-2025-17020
Malicious code in bioql PyPI...
EUVD-2025-17026
Malicious code in bioql PyPI...
CVE-2025-5680
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...
CVE-2025-5679
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...
CVE-2025-5680
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...
CVE-2025-5680 Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java executeScript deserialization
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...
CVE-2025-5680 Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java executeScript deserialization
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...
CVE-2025-5680
CVE-2025-5680 affects AgileBPM up to 2.5.0. Root cause: deserialization in the Groovy Script Handler, via the executeScript function in SysScriptController.java, allowing remote exploitation. Exploit described publicly; remote attack possible. Affected component: Groovy Script Handler (executeScr...
CVE-2025-5679
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...
CVE-2025-5679
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...
CVE-2025-5679 Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserialization
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...
CVE-2025-5679 Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserialization
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads t...
CVE-2025-5679
CVE-2025-5679 affects Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. The vulnerability lies in the function parseStrByFreeMarker within SysToolsController.java, where manipulating the str argument leads to deserialization. This allows a remote attacker to trigger the issue, ...
AgileBPM 代码问题漏洞
AgileBPM is an agile development platform from the China AgileBPM project. A code issue vulnerability exists in AgileBPM 2.5.0 and earlier versions, which stems from a misbehavior of the parameter str in the file SysToolsController.java resulting in deserialization...
PT-2025-23972 · Shenzhen Dashi Tongzhou Information Technology · Agilebpm
Name of the Vulnerable Software and Affected Versions: Shenzhen Dashi Tongzhou Information Technology AgileBPM versions up to 2.5.0 Description: A critical issue has been discovered, affecting the parseStrByFreeMarker function in the file...
AgileBPM 代码问题漏洞
AgileBPM is an agile development platform from the China AgileBPM project. A code issue vulnerability exists in AgileBPM 2.5.0 and earlier versions, which stems from a misuse of the parameter script in the file SysScriptController.java in the component Groovy Script Handler, resulting in...
PT-2025-23973
Name of the Vulnerable Software and Affected Versions AgileBPM versions up to 2.5.0 Description A critical vulnerability was found in AgileBPM, affecting the executeScript function of the Groovy Script Handler component. The manipulation of the script argument leads to deserialization, allowing f...
CVE-2024-12235
A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file...
CVE-2024-12235
A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file...