EUVD-2021-24699

Malware in sbrugna...

CVE-2021-38241

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework...

Improper Access Control

org.opendaylight.sfc:sfc-parent is vulnerable to Improper Access Control. The vulnerability is due to flaws in the Shiro-based RBAC mechanism due to improper enforcement of role-based access control, allowing attackers to execute privileged operations via crafted requests...

Deyue Remote Vehicle Management System Code Issue Vulnerability

Deyue Remote Vehicle Management System is a remote vehicle management system. A code issue vulnerability exists in Deyue Remote Vehicle Management System v1.1, which stems from the use of the Shiro framework, which uses a default key that can be deserialized using Shiro to gain system privileges...

CVE-2021-38241

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework...

Deserialization of untrusted data

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework...

CVE-2021-38241

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework...

Shiro-721

This is a vulnerability analysis of a Shiro RCE Remote Code Execution exploit via Padding Oracle Attack. Here's a summary of the key points: Vulnerability Overview The Shiro framework is a popular open-source security framework that provides identity, authentication, authorization, encryption, an...