11 matches found
CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
EUVD-2025-32587
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345
CVE-2025-11345 affects ILIAS up to versions 8.23, 9.13, and 10.1, where the unserialize function in the Test Import component is vulnerable to deserialization, enabling a remote attack. The issue stems from improper handling of deserialization within Test Import, with remote initiation possible. ...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
ILIAS 代码问题漏洞
ILIAS is an open source learning management system. A code issue vulnerability exists in ILIAS versions 8.23 and earlier, 9.13 and earlier, and 10.1 and earlier, which stems from improper handling of the Test Import component's deserialization function, which could lead to remote code execution...
PT-2025-40942
Name of the Vulnerable Software and Affected Versions ILIAS versions up to 8.23 ILIAS versions up to 9.13 ILIAS versions up to 10.1 Description A flaw exists due to deserialization in the unserialize function of the Test Import component. This manipulation can be initiated remotely. Recommendatio...
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
CVE-2025-50817
Summary of CVE-2025-50817 : IBM security bulletins describe an arbitrary code execution in Python-Future 1.0.0 via unintended import of a local file named test.py when the module is loaded. The risk relies on an attacker who can write files to the server; Python’s import mechanism loads test.py f...