Lucene search
+L

270 matches found

Github Security Blog
Github Security Blog
added 2021/08/05 7:58 p.m.10 views

VecStorage Deserialize Allows Violation of Length Invariant

The Deserialize implementation for VecStorage did not maintain the invariant that the number of elements must equal nrows ncols. Deserialization of specially crafted inputs could allow memory access beyond allocation of the vector. This flaw was introduced in v0.11.0 086e6e due to the addition of...

3.9AI score
Exploits0References6Affected Software1
CVE
CVE
added 2021/06/06 10:28 p.m.57 views

CVE-2021-33898

Invoice Ninja before 4.4.0 has an unsafe unserialize() call in app/Ninja/Repositories/AccountRepository.php which can let an attacker deserialize arbitrary PHP classes. In certain contexts this may lead to remote code execution. The attack input is tied to http://www.geoplugin.net (plain HTTP), a...

8.1CVSS8.3AI score0.01804EPSS
Exploits0References1Affected Software1
RustSec
RustSec
added 2021/06/06 12:0 p.m.18 views

VecStorage Deserialize Allows Violation of Length Invariant

The Deserialize implementation for VecStorage did not maintain the invariant that the number of elements must equal nrows ncols. Deserialization of specially crafted inputs could allow memory access beyond allocation of the vector. This flaw was introduced in v0.11.0 086e6e due to the addition of...

9.8CVSS3.9AI score0.01411EPSS
Exploits1Affected Software1
OSV
OSV
added 2021/06/06 12:0 p.m.22 views

RUSTSEC-2021-0070 VecStorage Deserialize Allows Violation of Length Invariant

The Deserialize implementation for VecStorage did not maintain the invariant that the number of elements must equal nrows ncols. Deserialization of specially crafted inputs could allow memory access beyond allocation of the vector. This flaw was introduced in v0.11.0 086e6e due to the addition of...

9.8CVSS9.4AI score0.01411EPSS
Exploits1References3
OSV
OSV
added 2021/01/20 12:0 p.m.32 views

RUSTSEC-2021-0089 Optional `Deserialize` implementations lacking validation

When activating the non-default feature serialize, most structs implement serde::Deserialize without sufficient validation. This allows breaking invariants in safe code, leading to: Undefined behavior in asstring methods which use std::str::fromutf8unchecked internally. Panics due to failed...

9.8CVSS9.3AI score0.01123EPSS
Exploits0References3
Prion
Prion
added 2021/01/18 6:15 a.m.16 views

Remote code execution

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...

10CVSS9.8AI score0.10679EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2020/10/15 12:0 p.m.14 views

CLSA-2020-1605798462 Fix of 227 CVE

Fix bug 69720: Null pointer dereference in phargetfpoffset - Fix bug 70728: Type Confusion Vulnerability in PHPtoXMLRPCworker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...

10CVSS7.9AI score0.94859EPSS
Exploits88References1
OSV
OSV
added 2020/09/11 3:15 a.m.3 views

CVE-2020-25258

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages...

9.8CVSS7.4AI score0.01518EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/11 12:0 a.m.4 views

Hyland OnBase Bytecode Execution Vulnerability

Hyland OnBase is an enterprise information platform for managing your content, processes and cases. Hyland OnBase has a bytecode execution vulnerability that stems from a problem with the way OnBase uses ASP.NET BinaryFormatter.Deserialize, which can be exploited by an attacker to transmit and...

9.8CVSS7AI score0.01518EPSS
Exploits0References1
Veracode
Veracode
added 2020/09/03 4:15 a.m.11 views

Denial Of Service (DoS)

serialize-to-js is vulnerable to denial of service DoS. The vulnerability exists as the unvalidated user input could cause an infinite loop in the deserialize function...

2.7AI score
Exploits0
ossfuzz
ossfuzz
added 2020/06/01 4:34 p.m.11 views

skia:image_filter_deserialize_width: Crash in SkReader32::readInt

Project: https://skia.googlesource.com/skia.git Detailed Report: https://oss-fuzz.com/testcase?key=5752574451122176 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: imagefilterdeserializewidth Job Type: libfuzzerasanskia Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x60608103762...

6.8AI score
Exploits0Affected Software1
0day.today
0day.today
added 2020/05/07 12:0 a.m.564 views

Kentico CMS 12.0.14 Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML inp...

9.8CVSS1.1AI score0.96031EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/05/06 12:0 a.m.1021 views

Kentico CMS 12.0.14 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kentico CMS Staging SyncServer Unserialize Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the Kentico CMS...

7.5CVSS0.4AI score0.96031EPSS
Exploits5
Metasploit
Metasploit
added 2020/05/04 1:26 p.m.107 views

Kentico CMS Staging SyncServer Unserialize Remote Command Execution

This module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote Command Execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML input is passe...

9.8CVSS8AI score0.96031EPSS
Exploits5
ossfuzz
ossfuzz
added 2020/01/26 9:27 p.m.19 views

firefox:CompositorManagerParentIPC: Crash in mozilla::layers::TextureReadLock::AddRef

Detailed Report: https://oss-fuzz.com/testcase?key=5692629583134720 Project: firefox Fuzzing Engine: libFuzzer Fuzz Target: CompositorManagerParentIPC Job Type: libfuzzerasanfirefox Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x21807fff8001 Crash State:...

6.8AI score
Exploits0Affected Software1
OSV
OSV
added 2019/11/04 8:15 p.m.7 views

CVE-2019-17210

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString is called by the function MQTTDeserializepublish to get the length and content of the MQTT topic name. In the function readMQTTLenString, mqttstring-lenstring.len is a part of us...

7.5CVSS7.1AI score0.01011EPSS
Exploits0References1
CVE
CVE
added 2019/09/11 8:29 p.m.73 views

CVE-2019-0189

The CVE-2019-0189 issue affects Apache OFBiz via two dependencies (commons-beanutils and an outdated commons-fileupload). It uses Java deserialization in the HttpEngine: the request parameter serviceContext is passed to XmlSerializer.deserialize, enabling remote code execution through java.io.Obj...

9.8CVSS9.7AI score0.2371EPSS
Exploits0References13Affected Software1
NVD
NVD
added 2019/07/26 12:15 a.m.25 views

CVE-2018-11779

In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class...

9.8CVSS9.3AI score0.03477EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/06 12:0 a.m.6 views

The vulnerability of the unit_deserialize component in Systemd allows a malicious actor to elevate their privileges to the root level.

The vulnerability of the unitdeserialize component in Systemd relates to the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker, operating remotely, to elevate their privileges to the root level...

10CVSS6.4AI score0.02279EPSS
Exploits4References10Affected Software5
0day.today
0day.today
added 2019/05/22 12:0 a.m.433 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation Exploit

This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently...

6.5CVSS0.5AI score0.27074EPSS
Exploits6
Rows per page
Query Builder