61 matches found
CVE-2023-44273
Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a certain interval...
RHEL 7 : rh-maven35-apache-commons-collections4 (RHSA-2020:4274)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4274 advisory. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections...
CVE-2022-4237 Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
The Welcart e-Commerce WordPress plugin before 2.8.6 does not validate user input before using it in fileexist functions via various AJAX actions available to any authenticated users, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a...
CVE-2022-4237 Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
The Welcart e-Commerce WordPress plugin before 2.8.6 does not validate user input before using it in fileexist functions via various AJAX actions available to any authenticated users, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a...
Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
The plugin does not validate user input before using it in fileexist functions via various AJAX actions available to any authenticated users, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a file and a suitable gadget chain is present...
Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
The plugin does not validate user input before using it in fileexist functions via various AJAX actions available to any authenticated users, which could allow users with a role as low as subscriber to perform PHAR deserialisation when they can upload a file and a suitable gadget chain is present...
CVE-2022-45136
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
Design/Logic Flaw
UNSUPPORTED WHEN ASSIGNED Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this...
CVE-2022-45136
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
CVE-2022-45136 Apache Jena SDB allows arbitrary deserialisation via JDBC
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC Platform services controller. A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server...
Feed Them Social < 2.9.8.6 - Unauthenticated PHAR Deserialisation
The plugin does not validate the ftsurl parameter, which could lead to PHAR deserialisation when an attacker manage to upload a malicious file and a suitable gadget chain is present...
Untrusted Object Deserialisation
topthink/think is vulnerable to untrusted object deserialisation. The vulnerability exists in the AbstractCache function in CacheStore.php which allows an attacker to inject and execute arbitrary code via a crafted payload...
RubyGems: Bundler's RCE with response using Marshal
A vulnerability was found in Bundler's dependency API endpoint, which uses Marshal serialization. This could allow for remote code execution if a client receives a specially crafted response. The impact is increased risk from specifying an untrusted source or man-in-the-middle attack...
WordPress WP Hotel Booking plugin <= 1.10.2 - Unauthenticated Remote Code Execution (RCE) via Arbitrary Object Deserialisation vulnerability
Unauthenticated Remote Code Execution RCE via Arbitrary Object Deserialisation vulnerability discovered by Nick Blundell AppCheck Ltd in WordPress WP Hotel Booking plugin versions = 1.10.2. Solution Update the WordPress WP Hotel Booking plugin to the latest available version at least 1.10.3...
WordPress Newsletter Manager plugin <= 1.5.1 - Unauthenticated Insecure Deserialisation vulnerability
Unauthenticated Insecure Deserialisation vulnerability found by Jerome Bruander NinTechNet in WordPress Newsletter Manager plugin versions = 1.5.1. Solution 2020-12-31 - we were unable to find a patched version of this plugin. WordPress.org notification: "This plugin has been closed as of October...
Exploit for Deserialization of Untrusted Data in Telerik Ui_For_Asp.Net_Ajax
RAUcrypto !Languagehttps://img.shields.io/badge/Lang-Pyth...
WP Security Audit Log < 4.0.2 - Broken Access Control in First-Time Install Wizard
Broken access control vulnerability affecting version 4.0.1 and below that could lead to privilege escalation, sensitive data exposure and insecure deserialisation. To exploit the vulnerability, the wizard must not have been completed, otherwise it won’t work...
Debian DLA-2032-1 : cacti security update
It was discovered that there was unsafe deserialisation issue in cacti, server monitoring system system. Unsafe deserialisation of objects which can lead to abuse of the application logic, deny service or even execute arbitrary code. For Debian 8 'Jessie', this issue has been fixed in cacti versi...
Formidable < 4.02.01 - Unsafe Deserialisation
The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress WordPress plugin was affected by an Unsafe Deserialisation security vulnerability...