5 matches found
EUVD-2022-5356
Malicious code in bioql PyPI...
Code Injection in Masuit.Tools.Core
All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
GHSA-VH38-GHX6-VMVG Code Injection in Masuit.Tools.Core
All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
CVE-2022-21167
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client...
CVE-2022-21167
CVE-2022-21167 affects Masuit.Tools.Core (and related Masuit.Tools packages) with Arbitrary Code Execution via the ReceiveVarData function in SocketClient.cs. All versions are reported vulnerable due to inadequate restrictions/type bindings for BinaryFormatter during deserialization of user-contr...