53 matches found
EUVD-2018-0584
Malware in sbrugna...
EUVD-2012-2641
Malware in sbrugna...
EUVD-2018-0530
Malware in sbrugna...
EUVD-2018-0478
Malware in sbrugna...
EUVD-2022-3272
Malicious code in bioql PyPI...
EUVD-2022-3676
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-1868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service vi...
Linux Distros Unpatched Vulnerability : CVE-2017-14868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2017-14949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only...
Linux Distros Unpatched Vulnerability : CVE-2013-4271
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers t...
Linux Distros Unpatched Vulnerability : CVE-2013-4221
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which...
Restlet Arbitrary Java Code Execution via a serialized object
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221...
GHSA-F3MV-G3XR-FP7W Restlet Arbitrary Java Code Execution via a serialized object
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-2013-4221...
GHSA-92J2-5R7P-6HJW Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML...
CVE-2012-2656
An XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information...
XXE
An XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information...
CVE-2012-2656
CVE-2012-2656: An XML External Entity (XXE) vulnerability exists in Restlet 1.1.10 within an endpoint using XML transport, enabling a remote attacker to obtain sensitive information. Affected component: Restlet 1.1.10 (XML transport endpoint). Root cause: XXE in the XML processing path. Documente...
Arbitrary Code Execution
Restlet is vulnerable to arbitrary code execution. A remote attacker is able to execute arbitrary Java code using a malicious XML document due to the default configuration of the ObjectRepresentation class, which performs deserialization of objects from untrusted sources using the Java XMLDecoder...