365 matches found

vulnersOsv
added 2022/06/17 12:18 a.m. · 2 views

bencode (>=0.1.1 <=0.1.8), bincode (>=0.0.3 <=0.0.9) +49 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.22)

rustc-serialize CARGO version =0.1.5, =0.1.1, =0.0.3, =0.1.12, =0.1.2, =0.5.3, =0.5.2, =0.5.1, =0.1.4, =0.1.8, =0.6.41, =0.6.42 - docoptmacros =0.6.42 - email =0.0.9 - envelope =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-2226-4V3C-CFF8...

5.8 AI score
Exploits: 0
OSV
added 2022/04/24 8:37 p.m. · 20 views

GSD-2022-1000991 net: dsa: realtek: rtl8365mb: serialize indirect PHY register access

net: dsa: realtek: rtl8365mb: serialize indirect PHY register access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/01/06 10:13 p.m. · 17 views

GHSA-W428-F65R-H4Q2 Deserialization of Untrusted Data in rust-cpuid

An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...

9.8 CVSS · 9.5 AI score · 0.01123 EPSS
Exploits: 0 · References: 5
vulnersOsv
added 2022/01/01 12:0 p.m. · 3 views

GSL (>=0.4.25 <=0.4.26), IMAPServer (=0.0.0) +4478 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.25)

rustc-serialize CARGO version =0.1.5, =0.4.25, =0.1.0, =0.1.7, =0.2.0-beta.4, =0.0.6, =0.1.0, =0.2.1, =0.1.4, =0.1.1, =0.3.0 - ace-test-lib =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0004...

5.5 AI score
Exploits: 0
NVD
added 2021/12/27 12:15 a.m. · 15 views

CVE-2021-45687

An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...

9.8 CVSS · 0.01123 EPSS
Exploits: 0 · References: 2
OSV
added 2021/11/05 9:15 p.m. · 4 views

PYSEC-2021-822

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serializesparse tensor is a tensor with positive rank and having 3 ...

5.5 CVSS · 5.9 AI score · 0.00181 EPSS
Exploits: 1 · References: 2
OSV
added 2021/10/19 4:32 p.m. · 13 views

GSD-2021-1001707 netfilter: conntrack: serialize hash resizes and cleanups

netfilter: conntrack: serialize hash resizes and cleanups This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...

7.2 AI score
Exploits: 0
Debian CVE
added 2021/08/23 6:5 p.m. · 25 views

CVE-2021-39146

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5 CVSS · 9 AI score · 0.14414 EPSS
Exploits: 0
CNVD
added 2021/08/23 12:0 a.m. · 28 views

XStream Arbitrary Code Execution Vulnerability

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.8 CVSS · 6.4 AI score · 0.04455 EPSS
Exploits: 0 · References: 1
CNVD
added 2021/08/23 12:0 a.m. · 31 views

XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67824)

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.5 CVSS · 6.4 AI score · 0.04752 EPSS
Exploits: 1 · References: 1
CNVD
added 2021/08/23 12:0 a.m. · 35 views

XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67820)

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.5 CVSS · 6.4 AI score · 0.04752 EPSS
Exploits: 1 · References: 1
CNVD
added 2021/08/23 12:0 a.m. · 27 views

XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67828)

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.5 CVSS · 6.4 AI score · 0.16175 EPSS
Exploits: 2 · References: 1
CNVD
added 2021/08/23 12:0 a.m. · 26 views

XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67822)

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.5 CVSS · 6.4 AI score · 0.04752 EPSS
Exploits: 1 · References: 1
CNVD
added 2021/08/23 12:0 a.m. · 23 views

XStream Arbitrary Code Execution Vulnerability (CNVD-2021-67825)

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects. XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

8.5 CVSS · 6.4 AI score · 0.14414 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2021/08/11 7:25 p.m. · 52 views

CVE-2021-3700

A use-after-free vulnerability was found in usbredir in the usbredirparser_serialize function in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination...

6.4 CVSS · 4.6 AI score · 0.00309 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2021/08/08 12:0 a.m. · 8 views

PT-2021-7393 · Usbredir +5

Name of the Vulnerable Software and Affected Versions: usbredir versions prior to 0.11.0 Description: A use-after-free issue was found in the usbredirparser serialize function in usbredirparser/usbredirparser.c. This occurs when serializing large amounts of buffered write data, particularly in...

6.6 CVSS · 6.9 AI score · 0.00309 EPSS
Exploits: 0 · References: 36
Packet Storm
added 2021/06/18 12:0 a.m. · 174 views

Node.JS Remote Code Execution

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...

7.5 CVSS · 9.6 AI score · 0.61025 EPSS
Exploits: 5
0day.today
added 2021/06/18 12:0 a.m. · 413 views

Node.JS - (node-serialize) Remote Code Execution Exploit (3)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize = require'node-serialize...

9.8 CVSS · 9.6 AI score · 0.61025 EPSS
Exploits: 5
Exploit DB
added 2021/06/18 12:0 a.m. · 187 views

Node.JS - 'node-serialize' Remote Code Execution (3)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...

7.4 AI score
Exploits: 0
BDU FSTEC
added 2021/06/09 12:0 a.m. · 7 views

The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to errors in code generation. This allows a perpetrator to execute arbitrary code.

The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to code generation control errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1 CVSS · 8.2 AI score · 0.03009 EPSS
Exploits: 0 · References: 5 · Affected Software: 1