11 matches found
EUVD-2018-6488
Malware in sbrugna...
EUVD-2018-7003
Malware in sbrugna...
EUVD-2024-33131
Malicious code in bioql PyPI...
CVE-2024-10456
Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication...
CVE-2024-10456 Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data
Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication...
(Pwn2Own) Adobe Acrobat Reader DC Protected API Restrictions Bypass Vulnerability
This vulnerability allows remote attackers to bypass JavaScript API restrictions on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
CVE-2018-14878
JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific file, because of Deserialization of Untrusted Data...
CyberArk Password Vault Web Access Remote Code Execution
Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web...
CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution
CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens,...
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web...
Google Researcher Ships Exploit to Defeat ASLR+DEP
A prominent security researcher has released an exploit that uses a new technique to defeat ALSR + DEP on Microsoft’s Windows operating system. The exploit, released by Google security researcher “SkyLined,” uses the ret-into-libc technique to bypass DEP Data Execution Prevention and launch code...