CVE-2026-26208 ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization
ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allo...
CVE-2026-26208
CVE-2026-26208 affects ADB Explorer (Windows). It is vulnerable to insecure deserialization via JSON settings file deserialization: the app deserializes App.txt with Json.NET in which TypeNameHandling is set to Objects, enabling a crafted JSON file (for example containing an ObjectDataProvider ga...
TencentOS Server 3: .NET 8.0 (TSSA-2024:0048)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2016-3960
Malware in sbrugna...
EUVD-2023-0341
Malicious code in bioql PyPI...
EUVD-2024-0311
Malicious code in bioql PyPI...
Malicious code in ac-mvc-data-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 169e9462eb068cce8b3da98f703f0be4a19c54ddaf088f9b6f23613ec34adbaa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-21072
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: Data Provider UI. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base...
CVE-2023-21893
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful...
[SECURITY] Fedora 40 Update: rust-icu_provider-1.5.0-1.fc40
Trait and struct definitions for the ICU data provider...
[SECURITY] Fedora 42 Update: rust-icu_provider-1.5.0-1.fc42
Trait and struct definitions for the ICU data provider...
SUSE-SU-2024:2568-1 Security update for mockito, snakeyaml, testng
This update for mockito, snakeyaml, testng fixes the following issues: mockito was updated to version 5.11.0: - Added bundle manifest to the mockito-core artifact - Mockito 5 is making core changes to ensure compatibility with future JDK versions. - Switch the Default MockMaker to mockito-inline...
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to information disclosure due to Apache Camel (CVE-2024-22371)
Summary Apache Camel is shipped with IBM Tivoli Netcool Impact as part of the data provider interface in the GUI server. Information about a security vulnerability affecting Apache ActiveMQ has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-22371 DESCRIPTION: Apache...
Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)
Summary A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation resulting in a bypass of security restrictions. Microsoft .NET Core is used by IBM Robotic Process Automation as part of its development platform. This bulletin identifies the security fixes to apply to address...
CVE-2024-32655 Npgsql Vulnerable to SQL Injection via Protocol Message Size Overflow
Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...
CVE-2024-21072
CVE-2024-21072 affects Oracle E-Business Suite Installed Base, Data Provider UI (versions 12.2.3–12.2.13). An unauthenticated attacker with network access via HTTP can compromise Oracle Installed Base; attacks require human interaction and may lead to unauthorized update/insert/delete and read ac...
Microsoft OLE DB Provider for SQL Server Security Vulnerability
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft OLE DB Provider for SQL Server Security Vulnerability
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation USA that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code...