5 matches found
EUVD-2023-57520
Malicious code in bioql PyPI...
CVE-2023-5183
Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases of the Illumio PCE. Authentication to the API is required to exploit this vulnerability. The flaw exists within the network_traffic API endpoint. An attacker can leverage this vulnerability to execute...
CVE-2023-5183
Summary: CVE-2023-5183 describes an unsafe deserialization of untrusted JSON in Illumio PCE’s network_traffic API that can lead to remote code execution. An attacker must authenticate to exploit this vulnerability and can execute code with the PCE operating system user privileges. The vulnerabili...
CVE-2023-5183 Authenticated RCE due to unsafe JSON deserialization
Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases of the Illumio PCE. Authentication to the API is required to exploit this vulnerability. The flaw exists within the network_traffic API endpoint. An attacker can leverage this vulnerability to execute...
ThreatMetrix SDK for iOS fails to validate SSL certificates
Overview: On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack. Description: ThreatMetrix is a security library for mobile applications, which aims to...