6 matches found
EUVD-2017-5418
Malware in sbrugna...
CVE-2023-29051
User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...
CVE-2025-48018 Deserialization of Untrusted Data
An authenticated user can modify application state data...
CVE-2025-48018 Deserialization of Untrusted Data
An authenticated user can modify application state data...
CVE-2024-5452
A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...
CVE-2023-29051
User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...