10 matches found
EUVD-2025-26476
Malicious code in bioql PyPI...
CVE-2025-58163
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated attackers with knowledge of the application's APPKEY to achieve remote code execution. The...
CVE-2025-58163
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated attackers with knowledge of the application's APPKEY to achieve remote code execution. The...
CVE-2025-58163 FreeScout's deserialization of untrusted data can lead to Remote Code Execution
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated attackers with knowledge of the application's APPKEY to achieve remote code execution. The...
CVE-2025-54366 FreeScout's deserialization of untrusted data leads to Remote Code Execution
FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APPKEY to achieve remo...
PT-2025-30950 · Freescout · Freescout
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.186 Description: FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. Versions prior to 1.8.186 contain a critical deserialization vulnerability in the...
PT-2025-102: Deserialization of untrusted data in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to deserialize unsafe data, gain control over application objects and impair its operation. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 19.07.2025...
PT-2025-96: Deserialization of untrusted data leads to Remote code execution (RCE) in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to deserialize arbitrary objects and fully control their properties, leading to total compromise of the web‑application logic and remote code execution RCE. Vulnerability status:...
PT-2025-99: Deserialization of untrusted data in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to deserialize untrusted data, manipulate objects and impair system functionality. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 19.07.2025 Recommendation...
PT-2025-103: Deserialization of untrusted data in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to deserialize data, instantiate arbitrary objects and alter their properties, causing severe disruption of the system. Vulnerability status: Confirmed by vendor Date of vulnerability...