Kong Gateway Enterprise 环境问题漏洞

Kong Gateway Enterprise is an enterprise-level API gateway platform developed by Kong Corporation. Versions 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 of Kong Gateway Enterprise contain environmental issues vulnerabilities. These vulnerabilities stem from defects in the HTTP request processing pipelin...

VMware Spring for Apache Pulsar 代码问题漏洞

VMware Spring for Apache Pulsar is a Pulsar messaging integration framework developed by the company VMware. Versions of VMware Spring for Apache Pulsar such as 2.0.0, 1.2.0, and 1.1.0 have code vulnerabilities. These vulnerabilities stem from the use of JsonPulsarHeaderMapper to check header typ...

MetaGPT 代码问题漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.2 and earlier contained code vulnerabilities. These vulnerabilities stemmed from issues with the Message.checkinstructcontent function in the metagpt/schema.py file, which could lead to deserialization attacks...

EUVD-2020-0570

Malware in sbrugna...

EUVD-2016-4441

Malware in sbrugna...

EUVD-2025-19879

Malicious code in bioql PyPI...

EUVD-2024-33940

Malicious code in bioql PyPI...

EUVD-2022-5835

Malicious code in bioql PyPI...

EUVD-2024-17597

Malicious code in bioql PyPI...

EUVD-2022-5742

Malicious code in bioql PyPI...

EUVD-2024-3187

Malicious code in bioql PyPI...

EUVD-2022-42902

Malicious code in bioql PyPI...

CVE-2025-54923

CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization...

CVE-2025-43713

ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system services that support license key management and deprecated Windows network authentication. The services are implemented with .NET remoting and can be exploited via...

CVE-2025-43713

ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system services that support license key management and deprecated Windows network authentication. The services are implemented with .NET remoting and can be exploited via...

PT-2025-27801 · Asna · Asna Registrar +16

Name of the Vulnerable Software and Affected Versions: ASNA Assist versions prior to 2025-03-31 ASNA Registrar versions prior to 2025-03-31 DataGate for SQL Server versions 17.0.36.0 and 16.0.89.0 DataGate Component Suite versions 17.0.36.0 and 16.0.89.0 DataGate Monitor versions 17.0.26.0 and...

CVE-2025-5174

CVE-2025-5174 affects the erdogant pypickle package up to version 1.1.5. The vulnerability is in the load function of pypickle/pypickle.py, enabling deserialization with local access. The exploit has been disclosed, and upgrading to version 2.0.0 is reported to address the issue (patch 14b4cae704...

CVE-2025-32284 WordPress Pet World <= 2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Pet World allows Object Injection. This issue affects Pet World: from n/a through 2.8...

CVE-2022-3536

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, an...

CVE-2021-3902

An improper restriction of external entities XXE vulnerability in dompdf/dompdf's SVG parser allows for Server-Side Request Forgery SSRF and deserialization attacks. This issue affects all versions prior to 2.0.0. The vulnerability can be exploited even if the isRemoteEnabled option is set to...