
9 matches found

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-21560

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00661
Exploits: 1 | References: 5
RedhatCVE
added 2025/08/15 5:30 p.m. | 7 views

CVE-2025-2180

An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier th...

CVSS 4.8 | AI score 8 | EPSS 0.0017
Exploits: 0 | References: 1
Cvelist
added 2024/10/16 7:43 p.m. | 40 views

CVE-2024-47836 Admidio vulnerable to HTML Injection In The Messages Section

Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue...

CVSS 3.5 | EPSS 0.00469
Exploits: 0 | References: 1
NVD
added 2023/10/30 11:15 p.m. | 14 views

CVE-2023-45672

Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, an unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate. This can lead to unauthenticated remote code execution. This can be performed through the UI at /confi...

CVSS 7.5 | AI score 8 | EPSS 0.01387
Exploits: 1 | References: 5
Metasploit
added 2023/10/04 7:50 p.m. | 430 views

Progress Software WS_FTP Unauthenticated Remote Code Execution

This module exploits an unsafe .NET deserialization vulnerability to achieve unauthenticated remote code execution against a vulnerable WSFTP server running the Ad Hoc Transfer module. All versions of WSFTP Server prior to 2020.0.4 version 8.7.4 and 2022.0.2 version 8.8.2 are vulnerable to this...

CVSS 10 | AI score 9 | EPSS 0.9015
Exploits: 5
RedHat Linux
added 2023/01/11 11:29 a.m. | 395 views

Important: Red Hat Security Advisory: RHV 4.4 SP1 [ovirt-4.5.3-3] security update

Updated RHV packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.6 | EPSS 0.03571
Exploits: 2 | References: 8
CVE
added 2021/08/18 2:35 p.m. | 61 views

CVE-2021-21868

CVE-2021-21868 affects CODESYS Development System 3.5.16 and 3.5.17. The root cause is an unsafe deserialization in ObjectManager.plugin GetMissingTypesFromAuxStream() that uses BinaryFormatter on untrusted data, enabling arbitrary code execution when a project auxiliary file (MissingTypeInformat...

CVSS 8.8 | AI score 7.7 | EPSS 0.01607
Exploits: 1 | References: 2 | Affected Software: 1
Talos
added 2021/07/26 12:0 a.m. | 115 views

CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability

Summary: An unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVSS 8.8 | AI score 8 | EPSS 0.01298
Exploits: 0
Talos
added 2021/07/26 12:0 a.m. | 74 views

CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability

Summary: An unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious fi...

CVSS 7.8 | AI score 7.8 | EPSS 0.01727
Exploits: 1