57 matches found
ARIstoteles -- Dissecting Apple's Baseband Interface
Wireless chips and interfaces expose a substantial remote attack surface. As of today, most cellular baseband security research is performed on the Android ecosystem, leaving a huge gap on Apple devices. With iOS jailbreaks, last-generation wireless chips become fairly accessible for performance...
EUVD-2026-16505
dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution...
org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability
A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration...
USN-7998-1 openjdk-17 vulnerabilities
It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Ubuntu: Security Advisory (USN-8003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-23746
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
CVE-2025-20354
A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...
SAP NetWeaver AS Java Insecure Deserialization (October 2025)
The version of SAP NetWeaver Application Server for Java detected on the remote host is affected by an insecure deserialization vulnerability as disclosed in the SAP Security Patch Day October 2025: - Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could explo...
EUVD-2025-5790
Malicious code in bioql PyPI...
MIM Admin Service 安全漏洞
MIM Admin Service is a service component for centralized management of identity and access rights from MIM USA. A security vulnerability exists in MIM Admin Service versions prior to 7.2.13, prior to 7.3.8, and prior to 7.4.3, which stems from improper handling of the RMI interface and could lead...
CVE-2019-14958
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation...
PT-2025-15231 · Red Hat · Red Hat Jboss Enterprise Application Platform +1
Name of the Vulnerable Software and Affected Versions: WildFly affected versions not specified JBoss Enterprise Application Platform EAP affected versions not specified Description: A security flaw exists within the Enterprise JavaBeans EJB remote invocation mechanism, stemming from untrusted dat...
Red Hat JBoss Enterprise Application Platform和Red Hat Wildfly 代码问题漏洞
Red Hat JBoss Enterprise Application Platform EAP and Red Hat Wildfly are both products of Red Hat, Inc.Red Hat JBoss Enterprise Application Platform is an open source, J2EE-based middleware platform. J2EE-based middleware platform. The platform is mainly used for building, deploying and hosting...
CVE-2024-45580
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation...
CVE-2024-45580
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation...
CVE-2024-45580
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation...
CVE-2024-45580 Use After Free in DSP Service
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation...
CVE-2024-45580
CVE-2024-45580: A memory corruption issue in Qualcomm kernel due to handling multiple IOCTL calls from user space for remote invocation. Affected: Qualcomm components using the kernel/ DSP service stack where IOCTL processing could lead to arbitrary memory corruption. Impact as described: high fo...
CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
SUSE CVE-2015-0408
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...