365 matches found
bencode (>=0.1.1 <=0.1.8), bincode (>=0.0.3 <=0.0.9) +49 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.22)
rustc-serialize CARGO version =0.1.5, =0.1.1, =0.0.3, =0.1.12, =0.1.2, =0.5.3, =0.5.2, =0.5.1, =0.1.4, =0.1.8, =0.6.41, =0.6.42 - docoptmacros =0.6.42 - email =0.0.9 - envelope =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-2226-4V3C-CFF8...
GSD-2022-1000991 net: dsa: realtek: rtl8365mb: serialize indirect PHY register access
net: dsa: realtek: rtl8365mb: serialize indirect PHY register access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit...
GHSA-W428-F65R-H4Q2 Deserialization of Untrusted Data in rust-cpuid
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used, which is not the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
GSL (>=0.4.25 <=0.4.26), IMAPServer (=0.0.0) +4478 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.25)
rustc-serialize CARGO version =0.1.5, =0.4.25, =0.1.0, =0.1.7, =0.2.0-beta.4, =0.0.6, =0.1.0, =0.2.1, =0.1.4, =0.1.1, =0.3.0 - ace-test-lib =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0004...
CVE-2021-45687
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used, which is not the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
PYSEC-2021-822
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serializesparse tensor is a tensor with positive rank and having 3 ...
GSD-2021-1001707 netfilter: conntrack: serialize hash resizes and cleanups
netfilter: conntrack: serialize hash resizes and cleanups This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...
CVE-2021-39146
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...
XStream Arbitrary Code Execution Vulnerability
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67824)
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67820)
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67828)
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67822)
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67825)
XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...
CVE-2021-3700
A use-after-free vulnerability was found in usbredir in the usbredirparser_serialize function in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination...
PT-2021-7393 · Usbredir +5
Name of the Vulnerable Software and Affected Versions: usbredir versions prior to 0.11.0 Description: A use-after-free issue was found in the usbredirparser serialize function in usbredirparser/usbredirparser.c. This occurs when serializing large amounts of buffered write data, particularly in...
Node.JS Remote Code Execution
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...
Node.JS - (node-serialize) Remote Code Execution Exploit (3)
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize = require'node-serialize...
Node.JS - 'node-serialize' Remote Code Execution (3)
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...
The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to errors in code generation. This allows a perpetrator to execute arbitrary code.
The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to code generation control errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...