7 matches found
Cross-site Scripting (XSS)
Overview: justhtml is a pure Python HTML5 parser that just works. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the serialization process of raw-text elements such as script and style when a custom sanitization policy retains these elements. An attacker can...
Regular Expression Denial of Service (ReDoS)
Overview: org.webjars.npm:seroval is a package that stringifies JS values. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the RegExp serialization process. An attacker can cause the exhaustion of JavaScript runtime memory or trigger catastrophic backtracking by...
EUVD-2023-43120
Malicious code in bioql PyPI...
CVE-2023-39395
Technical details about CVE-2023-39395 are not publicly available in the provided documents. Monitor for official advisories; current descriptions only indicate a serialization mismatch potentially affecting availability, with no concrete affected products or remediation details disclosed here.
CVE-2023-39395
Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability...
PT-2023-20722 · Pgmng · Pgmng
Name of the Vulnerable Software and Affected Versions: pgmng module (affected versions not specified). Description: The issue concerns a vulnerability in the serialization/deserialization process of the pgmng module. Successful exploitation may impact availability. Recommendations: At the moment,...
The Java deserialization remote execution vulnerability turns out to be so simple - Vulnerability warning - The black bar safety net
Here we introduce the principles behind remote code execution vulnerabilities caused by Java deserialization. To simplify the description, the walkthrough works without introducing any 3rd party library, in the hope that it can serve as a starting point. There are 3 main parts: The Java...