252 matches found
EUVD-2022-3668
Malicious code in bioql PyPI...
EUVD-2023-48738
Malicious code in bioql PyPI...
EUVD-2023-30345
Malicious code in bioql PyPI...
EUVD-2023-3212
Malicious code in bioql PyPI...
EUVD-2022-5038
Malicious code in bioql PyPI...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server Pattern shipped with IBM Cloud Pak System
Summary IBM Cloud Pak System WebSphere Application Server Pattern WAS pType is vulnerable to multiple vulnerabilities in IBM SDK. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker...
Apache Fory 代码问题漏洞
Apache Fory is a serialization framework from the Apache Foundation. A code issue vulnerability exists in Apache Fory that stems from consuming excessive CPU resources when deserializing untrustworthy data, which could lead to a denial of service attack...
Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments
Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.
Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Linux Distros Unpatched Vulnerability : CVE-2022-21248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected...
Security Bulletin: Multiple vulnerabilities in IBM Controller
Summary There are vulnerabilities in Open-Source Software OSS components used by IBM Controller. This Security Bulletin relates only to the direct usage of third-party components by IBM Controller and not any nested dependencies within the product. Vulnerability Details CVEID:CVE-2015-6420...
CVE-2025-55136
ERC aka Emotion Recognition in Conversation through 0.3 has insecure deserialization via a serialized object because jsonpickle is used...
CVE-2022-39008
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps...
CVE-2020-17531
A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 and no update to...
CVE-2018-1000224
Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in DeSerialization functions core/io/marshalls.cpp that can result in DoS packet of...
Medium: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...
Medium: java-11-openjdk
Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with networ...
Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)
Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...
Snowflake Connector for Python 代码问题漏洞
Snowflake Connector for Python is an open source interface from Snowflake Computing. It is used to develop Python applications that can connect to Snowflake and perform all standard operations. A code issue vulnerability exists in Snowflake Connector for Python versions prior to 3.13.1, which ste...
ROS-20250114-06
A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...