27 matches found
Remote Code Execution (RCE)
SandboxJS is vulnerable to Remote Code Execution RCE. The vulnerability is due to missing isolation and replacement of AsyncFunction and related function constructors, which allows an attacker to access the native host AsyncFunction via the .constructor property and execute arbitrary code outside...
EUVD-2025-34646
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2015-2117
Malware in sbrugna...
CVE-2015-2020
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2001
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2002
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2000
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
Summary: CVE-2015-2003 affects the PJSIP PJSUA2 SDK for Android prior to SVN Changeset 51322. The underlying issue is in a Serializable class’s finalize method, which improperly passes an attacker-controlled pointer to a native function, enabling arbitrary code execution. Documents consistently d...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2000
CVE-2015-2000 affects the Jumio SDK for Android prior to 1.5.0. The issue arises from a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function, allowing arbitrary code execution. Affected product: Jumio SDK for Android (pre-1.5.0). Impac...