CVE-2025-1186

A vulnerability was found in dayrui XunRuiCMS up to 4.6.4. It has been declared as critical. This vulnerability affects unknown code of the file /Control/Api/Api.php. The manipulation of the argument thumb leads to deserialization. The attack can be initiated remotely. The exploit has been...

EUVD-2024-0285

Malicious code in bioql PyPI...

EUVD-2022-35117

Malicious code in bioql PyPI...

EUVD-2025-16801

Malicious code in bioql PyPI...

EUVD-2024-47702

Malicious code in bioql PyPI...

EUVD-2024-2782

Malicious code in bioql PyPI...

EUVD-2025-20786

Malicious code in bioql PyPI...

EUVD-2025-9732

Malicious code in bioql PyPI...

CVE-2025-7876

A vulnerability classified as critical was found in Metasoft 美特软件 MetaCRM up to 6.4.2. This vulnerability affects the function AnalyzeParam of the file download.jsp. The manipulation of the argument p leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed t...

CVE-2025-5114

A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor=edit=cGhhcjovLy9ldGMvcGFzc3dk=edit of the component Committer. The manipulation of the argument filePath leads to...

CVE-2025-2690

A vulnerability, which was classified as critical, was found in yiisoft Yii2 up to 2.0.39. This affects the function Generate of the file phpunit\src\Framework\MockObject\MockClass.php. The manipulation leads to deserialization. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-1177

A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected is the function importadd of the file dayrui/Fcms/Control/Admin/Linkage.php. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-0465

A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v2/categories. The manipulation of the argument PostBody.populate leads to deserialization. The attack may be launched remotely. The exploit has be...

PT-2024-17856 · Unknown · Running-Elephant Datart

Name of the Vulnerable Software and Affected Versions: running-elephant Datart version 1.0.0-rc3 Description: A critical issue affects the extractModel function of the File Upload component, specifically in the /import file. The manipulation of the file argument leads to deserialization. This iss...

CVE-2024-4019 Byzoro Smart S80 Management Platform importhtml.php deserialization

A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely. The exploit has...

CVE-2024-1748 van_der_Schaar LAB AutoPrognosis Release Note load_model_from_file deserialization

A vulnerability classified as critical was found in vanderSchaar LAB AutoPrognosis 0.1.21. This vulnerability affects the function loadmodelfromfile of the component Release Note Handler. The manipulation leads to deserialization. The attack can be initiated remotely. The complexity of an attack ...