52 matches found
EUVD-2016-9553
Malware in sbrugna...
EUVD-2024-24532
Malicious code in bioql PyPI...
R Programming Language Installed (Linux)
Binary data rlangnixinstalled.nbin...
R Programming Language Installed (macOS)
Binary data rlangmacosinstalled.nbin...
CVE-2025-54956
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...
CVE-2025-54956
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...
Security Bulletin: R statistical programming language - deserialization of untrusted leading to arbitrary code execution
Summary Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user's system when...
Azure Linux 3.0 Security Update: R (CVE-2024-27322)
The version of R installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27322 advisory. - Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at...
R: Arbitrary Code Execution
Background R is a language and environment for statistical computing and graphics. Description Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end...
Security Bulletin: IBM Cognos Analytics has addressed security vulnerabilities in JupyterHub, R Programming Language and Apache MINA (CVE-2024-28233, CVE-2024-27322, CVE-2019-0231, CVE-2021-41973)
Summary IBM Cognos Analytics is vulnerable to a cross-site scripting vulnerability XSS in JupyterHub and remote code execution RCE vulnerability in R Programming Language which is used by Jupyter Notebook. IBM Cognos Analytics has addressed a Denial of Service DOS vulnerability and an Information...
Important: R
Issue Overview: Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user's system...
R Programming Language 1.4.0 < 4.4.0 Insecure Deserialization
The version of the R Programming Language running on the remote host is 1.4.0 or later, before 4.4.0. It is, therefore, affected by an insecure deserialization vulnerability. Deserialization of untrusted data can occur, enabling a maliciously crafted RDS R Data Serialization formatted file or R...
R Programming Language Installed (Windows)
Binary data rlangwininstalled.nbin...
CERT/CC Reports R Programming Language Vulnerability
CERT Coordination Center CERT/CC has released information on a vulnerability in R programming language implementations CVE-2024-27322link is external. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the...
CVE-2024-27322
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user’s system when interacted...
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS R Data Serialization file such that it results in code execution when loaded and referenced. The flaw, assigned the CVE identifier CVE-2024-27322 CVSS...
R -- arbitrary code execution vulnerability
HiddenLayer Research reports: Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user's system...
GLSA-202401-07 : R: Directory Traversal
The remote host is affected by the vulnerability described in GLSA-202401-07 R: Directory Traversal - The R programming language's default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R...
CVE-2020-27637
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages function from the interpreter. Update to version 4.0....
CVE-2020-27637
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages function from the interpreter. Update to version 4.0....