2306 matches found
MAL-2025-22212 Malicious code in hardhat-contract-deploy (npm)
The package hardhat-contract-deploy was found to contain malicious code...
MAL-2025-15778 Malicious code in blaast-deploy (npm)
The package blaast-deploy was found to contain malicious code...
MAL-2025-28218 Malicious code in omicron-deploy-index-bad-sun (npm)
The package omicron-deploy-index-bad-sun was found to contain malicious code...
Malicious code in ecosia-deploy (npm)
The package ecosia-deploy was found to contain malicious code...
Malicious code in easy-zero-gamma-promise-deploy (npm)
The package easy-zero-gamma-promise-deploy was found to contain malicious code...
Malicious code in @frozen-team/deploy-log (npm)
The package @frozen-team/deploy-log was found to contain malicious code...
Malicious code in blaast-deploy (npm)
The package blaast-deploy was found to contain malicious code...
CVE-2025-53772
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network...
GHSA-X6GV-2RVH-QMP6 m00nl1ght-dev/steam-workshop-deploy: Exposure of Version-Control Repository to an Unauthorized Control Sphere and Insufficiently Protected Credentials
Summary The steam-workshop-deploy github action does not exclude the .git directory when packaging content for deployment and provides no built-in way to do so. If a .git folder exists in the target directory e.g., due to a local Git repo, custom project structure, or via the actions/checkout...
CVE-2025-8916
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in Web Deploy. The vulnerability in Web Deploy results from the deserialization of untrusted data. This issue can be exploited by an authorized attacker, enabling them to remotely execute code on the affected system. Web Deploy:...
CVE-2025-53772
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network...
CVE-2025-53772
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network...
CVE-2025-53772 Web Deploy Remote Code Execution Vulnerability
...
CVE-2025-53772 Web Deploy Remote Code Execution Vulnerability
...
CVE-2025-53772
This CVE affects Microsoft Web Deploy (deserialization of untrusted data) enabling Remote Code Execution over the network. Affected component is Web Deploy’s deserialization pathway, with evidence of in-the-wild and PoC exploits on public GitHub (e.g., stand-alone and IIS WebDeploy PoCs). The vul...
Web Deploy Remote Code Execution Vulnerability
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network...
KLA86588 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Web Deploy can be exploited remotely to execute arbitrary code. 2...
Microsoft Web Deploy 代码问题漏洞
Microsoft Web Deploy is a scalable client-server tool from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Web Deploy. An attacker exploiting this vulnerability could execute code...
Microsoft Web Deploy Installed (Windows)
Binary data microsoftwebdeployinstalled.nbin...