365 matches found
Design/Logic Flaw
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...
Design/Logic Flaw
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...
UBUNTU-CVE-2021-21366
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpect...
Node.JS Remote Code Execution
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...
Node.JS - 'node-serialize' Remote Code Execution (2)
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...
RUSTSEC-2021-0089 Optional `Deserialize` implementations lacking validation
When activating the non-default feature serialize, most structs implement serde::Deserialize without sufficient validation. This allows breaking invariants in safe code, leading to: Undefined behavior in asstring methods which use std::str::fromutf8unchecked internally. Panics due to failed...
PT-2021-24261 · Raw-Cpuid · Raw-Cpuid
Name of the Vulnerable Software and Affected Versions: raw-cpuid crate versions prior to 9.1.1 Description: The issue arises when the non-default serialize feature is activated, allowing most structs to implement serde::Deserialize without sufficient validation. This can lead to breaking invarian...
OSV-2018-97 Heap-buffer-overflow in CFF::CFF2VariationStore::serialize
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11713 Crash type: Heap-buffer-overflow READ Crash state: CFF::CFF2VariationStore::serialize writecff2 hbsubsetcff2...
OSV-2018-26 UNKNOWN READ in BEInt<unsigned char, 1>::operator unsigned char
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11351 Crash type: UNKNOWN READ Crash state: BEInt::operator unsigned char OT::DeviceRecord::serialize OT::hdmx::serialize...
Cross-Site Scripting
Overview Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements. Recommendation Upgrade to version 2.0.17 or...
GHSA-63Q7-H895-M982 Cross-site Scripting in dompurify
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
Security Bulletin: A security vulnerability in Node.js serialize-javascript affects IBM Cloud Pak for Multicloud Management Managed Service.
Summary A security vulnerability in Node.js serialize-javascript affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details Third Party Entry: 186585 DESCRIPTION: Node.js serialize-javascript module code execution CVSS Base score: 9.8 CVSS Temporal Score: See:...
CVE-2020-28923
An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON...
Cross-Site Scripting (XSS)
dompurify is vulnerable to cross-site scripting XSS. A mutation XSS vulnerability exists as a serialize-parse roundtrip does not return the original DOM tree, causing a namespace change from HTML to MathML via FORM elements...
CVE-2020-26870
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
CVE-2020-26870
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
UBUNTU-CVE-2020-26870
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
CVE-2020-26870
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...
Denial Of Service (DoS)
serialize-to-js is vulnerable to denial of service DoS. The vulnerability exists as the unvalidated user input could cause an infinite loop in the deserialize function...
GHSA-W5Q7-3PR9-X44W Denial of Service in serialize-to-js
Versions of serialize-to-js prior to 2.0.0 are vulnerable to Denial of Service. User input is not properly validated, allowing attackers to provide inputs that lead the execution to loop indefinitely. Recommendation Upgrade to version 2.0.0 or later...