Lucene search

7 matches found

OSV
added 2026/02/04 8:34 p.m., 4 views

GHSA-74VM-8FRP-7W68 EPyT-Flow vulnerable to unsafe JSON deserialization (__type__)

Impact: EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deserializer myloadfromjson that supports a __type__ field. When __type__ is present, the deserializer dynamically imports an attacker-specified module/class and instantiates it with attacker-supplied arguments. Thi...

CVSS 10, AI score 5.6, EPSS 0.00657
Exploits 0, References 5

Vulnrichment
added 2025/10/30 12:0 a.m., 2 views

CVE-2025-50739

iib0011 omni-tools v0.4.0 is vulnerable to remote code execution via unsafe JSON deserialization...

AI score 7.8, EPSS 0.00598
Exploits 0, References 2

Cvelist
added 2023/09/26 9:29 p.m., 22 views

CVE-2023-5183 Authenticated RCE due to unsafe JSON deserialization

Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases of the Illumio PCE. Authentication to the API is required to exploit this vulnerability. The flaw exists within the networktraffic API endpoint. An attacker can leverage this vulnerability to execute...

CVSS 9.9, AI score 9.8, EPSS 0.01564
Exploits 0, References 1

OSV
added 2020/09/11 3:15 a.m., 2 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

CVSS 9.8, AI score 7.6, EPSS 0.02687
Exploits 0, References 1

NVD
added 2020/09/11 3:15 a.m., 12 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

CVSS 9.8, EPSS 0.02687
Exploits 0, References 1

Prion
added 2020/09/11 3:15 a.m., 14 views

Deserialization of untrusted data

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

CVSS 7.5, AI score 9.7, EPSS 0.02687
Exploits 0, References 1, Affected Software 1

Cvelist
added 2020/09/11 2:18 a.m., 36 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

AI score 9.8, EPSS 0.02687
Exploits 0, References 1