unserialize-exploit

🎯 unserialize-exploit - Explore PHP Unserialization Exploits...

CVE-2025-6033

There is a memory corruption vulnerability due to an out of bounds write in XMLSerialize when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...

CVE-2025-6033 Memory Corruption issue in XML_Serialize() in NI Circuit Design Suite

There is a memory corruption vulnerability due to an out of bounds write in XMLSerialize when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...

PT-2025-40006

Name of the Vulnerable Software and Affected Versions NI Circuit Design Suite versions 14.3.1 and prior Description A memory corruption issue exists due to an out-of-bounds write within the XML Serialize function when utilizing the SymbolEditor component. Successful exploitation requires an...

Malicious code in com.unity.serialization (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-47635 Malicious code in com.unity.serialization (npm)

--- -= Per source details. Do not edit below this line.=-...

colander

This is a Python library for deserialization and validation of data structures composed of strings, mappings, and lists. It is a package that can be used to serialize an arbitrary data structure to a data structure composed of strings, mappings, and lists, and to deserialize and validate a data...

CVE-2025-59414 Nuxt Client-Side Path Traversal in Nuxt Island Payload Revival

Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...

Linux Distros Unpatched Vulnerability : CVE-2022-50339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server Pattern shipped with IBM Cloud Pak System

Summary IBM Cloud Pak System WebSphere Application Server Pattern WAS pType is vulnerable to multiple vulnerabilities in IBM SDK. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker...

CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

UBUNTU-CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

CVE-2022-50339

CVE-2022-50339 : In the Linux kernel Bluetooth stack, a race exists between mgmt_init_hdev() and mgmt_index_removed() where the HCI_MGMT flag testing/setting can race against testing due to missing serialization (hci_dev_lock()). The fix splits hci_dev_test_and_set_flag() into hci_dev_test_flag()...

PT-2025-38057

Name of the Vulnerable Software and Affected Versions: Greenshot versions 1.3.300 and earlier Description: Greenshot is a Windows screenshot utility. The software deserializes attacker-controlled data received in a WM COPYDATA message using BinaryFormatter.Deserialize without prior validation or...

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a resource leak in the serialization driver jsm during probing...

Apache Fory 代码问题漏洞

Apache Fory is a serialization framework from the Apache Foundation. A code issue vulnerability exists in Apache Fory that stems from consuming excessive CPU resources when deserializing untrustworthy data, which could lead to a denial of service attack...

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...