Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/15 9:57 a.m.36 views

CVE-2026-11860 Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS

Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class...

7.5CVSS0.00235EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2026/04/02 12:0 a.m.11 views

TrueConf Client Download of Code Without Integrity Check Vulnerability

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the...

7.8CVSS6.6AI score0.0575EPSS
In wildExploits2
EUVD
EUVD
added 2026/03/30 9:31 p.m.5 views

EUVD-2026-17162

TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...

7.8CVSS6.4AI score0.0575EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/03/30 6:5 p.m.31 views

CVE-2026-3502 TrueConf Client Update Integrity Verification Bypass

TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...

7.8CVSS0.0575EPSS
Exploits2References1
Rows per page
Query Builder