3 matches found
EUVD-2022-5476
Malicious code in bioql PyPI...
Deserialization of untrusted data
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...
UReport2-console 代码问题漏洞
UReport2 is a high-performance pure Java reporting engine based on Spring architecture . A security vulnerability exists in all versions of UReport2-console, which can be exploited by an attacker to perform remote code execution, resulting in arbitrary file reads and deserialization of local...