MiracleLinux 8 : dotnet6.0-6.0.118-1.el8.ML.1 (AXSA:2023-6205:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6205:16 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.322.b06-2.el8 (AXSA:2022-3023:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3023:02 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in t...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.231-2.6.19.1.AXS4 (AXSA:2019-3940:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3940:03 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.181-2.6.14.1.AXS4 (AXSA:2018-2999:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2999:02 advisory. OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.171-7.b10.el7 (AXSA:2018-2954:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2954:03 advisory. OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.222.b10-0.el7 (AXSA:2019-3939:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3939:04 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

EUVD-2010-3257

Malware in sbrugna...

EUVD-2021-0863

Malware in sbrugna...

EUVD-2025-5883

Malicious code in bioql PyPI...

EUVD-2022-34187

Malicious code in bioql PyPI...

CVE-2025-53415

Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution...

CVE-2025-53416

Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution...

USN-7590-1: Apache Log4j vulnerabilities

It was discovered that several deserialization issues existed within Apache Log4j. An attacker could possibly use these issues to enable the execution of arbitrary code. CVE-2022-23302, CVE-2022-23305, CVE-2022-23307...

PT-2025-22705 · Boldthemes · Boldthemes Avantage

Name of the Vulnerable Software and Affected Versions: BoldThemes Avantage versions 2.4.6 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions 2.4.6 and earlier, update to a version later than 2.4.6 to...

CVE-2025-39354 WordPress Grand Conference theme <= 5.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object Injection.This issue affects Grand Conference: from n/a through 5.2...

PT-2025-17179 · Unknown · Fluentboards

Name of the Vulnerable Software and Affected Versions: FluentBoards versions 1.47 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For FluentBoards versions 1.47 and earlier, at the moment, there is no information...

Adobe ColdFusion 2021.x < 2021u19 / 2023.x < 2023u13 / 2025.x < 2025u1 Multiple Vulnerabilities (APSB25-15)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 19, 2023.x update 13, or 2025.x update 1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-15 advisory. - Improper Authentication CWE-287 potentially leading to Arbitra...

RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.4.20 (RHSA-2018:1450)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1450 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

CVE-2024-13410 CozyStay <= 1.7.0 and TinySalt <= 3.9.0 - Unauthenticated PHP Object Injection in ajax_handler

The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP Object Injection in all versions up to, and including, 1.7.0, and in all versions up to, and including 3.9.0, respectively, via deserialization of untrusted input in the 'ajaxhandler' function. This makes it possible for...

PT-2025-1239 · Microsoft · 365 Apps For Enterprise +2

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to a security feature bypass in Microsoft Excel, which can be exploited to circumvent existing security restrictions. This is due to deficiencies in the...