Lucene search
K

12 matches found

OSV
OSV
added 2026/06/24 5:41 p.m.6 views

GHSA-F637-W7P2-M7FX OliveTin: ValidateArgumentType API Endpoint's Missing Authentication Allows Action and Argument Enumeration

Summary The ValidateArgumentType RPC endpoint in service/internal/api/api.go does not perform any authentication or authorization checks. Unlike all other data-returning API endpoints, it does not call auth.UserFromApiCall or checkDashboardAccess. When AuthRequireGuestsToLogin is enabled the...

3.7CVSS5.9AI score0.00328EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 5:41 p.m.9 views

EUVD-2026-36907

OliveTin: ValidateArgumentType API Endpoint's Missing Authentication Allows Action and Argument Enumeration...

3.7CVSS5.8AI score0.00328EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/02/14 1:6 p.m.3 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.2 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04065EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.4 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/01/26 3:52 p.m.8 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.3 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04065EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.4 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/23 10:34 a.m.8 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/23 10:34 a.m.6 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04065EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/10/25 6:54 a.m.2 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04065EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/10/25 6:54 a.m.4 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
Rows per page
Query Builder