14 matches found
CVE-2026-45360
Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...
GHSA-F786-9C63-8XR8 Apache DolphinScheduler RPC module has a Deserialization of Untrusted Data vulnerability
Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler: Version = 3.2.0 and 3.3.1. Attackers who can access the Master or Worker nodes can compromise the system by creating a StandardRpcRequest, injecting a malicious class...
PT-2026-34872
Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler: Version = 3.2.0 and 3.3.1. Attackers who can access the Master or Worker nodes can compromise the system by creating a StandardRpcRequest, injecting a malicious class...
Apache DolphinScheduler 代码问题漏洞
Apache DolphinScheduler is a modern data orchestration platform developed by the Apache Foundation in the United States. Versions of Apache DolphinScheduler from 3.2.0 to 3.3.1 had code vulnerabilities. These vulnerabilities stemmed from insecure data deserialization in the RPC module, which coul...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
EUVD-2026-5017
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
PT-2026-5378
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 01. Apache ActiveMQ & OpenWire - 1 Apac...
CVE-2019-12017
A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the 'class' property of the JSON request sent to the CLDB to influence the JSON library's decision on which...
CVE-2 0 1 3-2 4 7 1 vulnerability analysis-vulnerability warning-the black bar safety net
1, Introduction There is no exposed java vulnerability, a simple analysis of the recent CVE-2 0 1 3-2 4 7 1, learn java vulnerabilities associated principle. POC from http://packetstormsecurity. com/files/1 2 2 8 0 6/in. ps: thanks to the oo help. 2, the vulnerability causes Trigger the...