CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85 matches found

NVD•added 2026/06/04 5:16 p.m.•14 views

CVE-2026-50076

Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and invoke classpath-present readResolve/readExternal hooks via...

9.1CVSS0.0052EPSS

Exploits0References2

Cvelist•added 2026/06/04 4:9 p.m.•37 views

CVE-2026-50076 Apache Fory: Java ReplaceResolverSerializer deserialization checks bypass

0.0052EPSS

Exploits0References1

CVE•added 2026/06/04 4:9 p.m.•36 views

CVE-2026-50076

CVE-2026-50076 affects the Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM. The issue is a deserialization flaw in the Java replace-resolve path that allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and to invoke classpath-present readResolve/r...

9.1CVSS5.8AI score0.0052EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/06/04 12:0 a.m.•6 views

Apache Fory 安全漏洞

Apache Fory is a serialization framework developed by the Apache Foundation in the United States. Versions of Apache Fory prior to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the deserialization of untrusted data in the Java replace-resolve path, which could allow...

9.1CVSS5.6AI score0.0052EPSS

Exploits0References2

Tenable Nessus•added 2026/04/22 12:0 a.m.•5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013798)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013798 advisory. In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys'...

5.5AI score0.00223EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011123)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011123 advisory. In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys'...

5.8AI score0.00223EPSS

Exploits0References4

Tenable Nessus•added 2026/04/17 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007491)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007491 advisory. In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys'...

5.8AI score0.00223EPSS

Exploits0References4

Tenable Nessus•added 2025/10/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the...

5.8AI score0.00223EPSS

Exploits0References3

OSV•added 2025/10/22 2:15 p.m.•1 views

DEBIAN-CVE-2022-50578

In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys' need be unregister, and the 'cp' need be freed. We can not call ksetunregister here, because the 'cls' will be freed in callback...

5.3AI score0.00223EPSS

Exploits0References1