EUVD-2022-3272

Malicious code in bioql PyPI...

GHSA-92J2-5R7P-6HJW Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...

Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

PoC exploit for CVE-2017-10271, an unauthenticated Weblogic RCE. The target product/service is Weblogic, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the CoordinatorPortType SOAP endpoint. Notable dependencies/tooling include the requests library an...

CVE-2013-4221

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...

Default configuration

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...

CVE-2013-4221

The Restlet vulnerability CVE-2013-4221 affects Restlet before 2.1.4, where ObjectRepresentation deserializes objects from untrusted sources using XMLDecoder. This allows remote attackers to execute arbitrary Java code via crafted XML, through the deserialization process on the server. Impact is ...