Micro Focus Service Manager up to 9.62 Deserialization unknown vulnerability
September 19th, 2019 📆 | 3531 Views ⚑
A vulnerability was found in Micro Focus Service Manager up to 9.62. It has been classified as critical. This affects
Browsing the "deserialization" Tag
Tagged with: deserialization • focus • manager • micro • service • unknown • vulnerability
New Java Vulnerabilities? Deserialization, Botnet Cannibalism, & Updates
September 13th, 2019 📆 | 5931 Views ⚑
Java is the programming language that is considered a favorite for both ethical and illegal hacking, according to Mehedi Hasan of
Tagged with: botnet • cannibalism • deserialization • updates • vulnerabilities
eFront LMS 5.2.12 Deserialization Web Request PHP Code Execution privilege escalation
September 6th, 2019 📆 | 2391 Views ⚑
A vulnerability was found in eFront LMS 5.2.12. It has been classified as critical. Affected is an unknown functionality of
Tagged with: deserialization • efront • escalation • execution • privilege • request
Apache Tapestry 5.3.6 HMAC Verification Deserialization unknown vulnerability
September 3rd, 2019 📆 | 5178 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.1 $5k-$25k A vulnerability was found in Apache Tapestry 5.3.6. It has
Tagged with: apache • deserialization • tapestry • unknown • verification • vulnerability
formidable Plugin up to 4.02.00 on WordPress Deserialization unknown vulnerability
August 30th, 2019 📆 | 2941 Views ⚑
A vulnerability, which was classified as problematic, was found in formidable Plugin up to 4.02.00 on WordPress (WordPress Plugin). Upgrading
Tagged with: deserialization • formidable • plugin • unknown • vulnerability • wordpress
option-tree Plugin up to 2.7.2 on WordPress Deserialization privilege escalation
August 23rd, 2019 📆 | 6179 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.3 $0-$5k A vulnerability classified as critical was found in option-tree Plugin
Tagged with: deserialization • escalation • option • plugin • privilege • wordpress
NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects
July 30th, 2019 📆 | 5320 Views ⚑
The class _NSDataFileBackedFuture can be deserialized even if secure encoding is enabled. This class is a file-backed NSData object that
Tagged with: allows • backed • deserialization • nsdata • nskeyedunarchiver • objects
NSArray Deserialization can Invoke Subclass that does not Retain References
July 30th, 2019 📆 | 3580 Views ⚑
When deserializing a class with initWithCoder, subclasses of that class can also be deserialized so long as they do not
Tagged with: deserialization • invoke • nsarray • references • retain • subclass
Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
July 27th, 2019 📆 | 4908 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $5k-$25k A vulnerability was found in Apache Storm up to 1.2.2.
Tagged with: apache • daemon • deserialization • escalation • privilege • storm
serde_yaml 0.6.0/0.8.3 Deserialization YAML File Recursion denial of service
July 25th, 2019 📆 | 8032 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 3.4 $0-$5k A vulnerability was found in serde_yaml 0.6.0/0.8.3. It has been
Tagged with: denial • deserialization • recursion • serde • service
TYPO3 up to 8.7.26/9.5.7 Deserialization privilege escalation
July 10th, 2019 📆 | 5525 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $5k-$25k A vulnerability was found in TYPO3 up to 8.7.26/9.5.7 (Content
Tagged with: deserialization • escalation • privilege • typo3
EthereumJ 1.8.2 Deserialization mine/Ethash.java ois.readObject privilege escalation
June 21st, 2019 📆 | 7116 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 9.8 $0-$5k A vulnerability, which was classified as very critical, has been
Tagged with: deserialization • escalation • ethash • ethereumj • privilege • readobject
Oracle Patches Another Remote Code Execution Flaw in WebLogic
June 19th, 2019 📆 | 4067 Views ⚑
Oracle on Tuesday announced that it has released emergency patches for a critical remote code execution vulnerability affecting WebLogic Server,
Tagged with: another • CVE-2019-2725 • CVE-2019-2729 • deserialization • execution • oracle • out-of-band patch • patches • remote • remote code execution vulnerability • weblogic
Sitecore 8.x – Deserialization Remote Code Execution
June 16th, 2019 📆 | 1698 Views ⚑
# Exploit Title: Sitecore v 8.x Deserialization RCE # Date: Reported to vendor October 2018, fix released April 2019. #
Tagged with: deserialization • execution • remote • sitecore
Shopware up to 5.6.x Deserialization createInstanceFromNamedArguments Web Request Remote Code Execution
June 14th, 2019 📆 | 6887 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 6.3 $0-$5k A vulnerability, which was classified as critical, was found in
Tagged with: createinstancefromnamedarguments • deserialization • execution • remote • request • shopware
Parso up to 0.4.0 Grammar Parser Deserialization privilege escalation
June 8th, 2019 📆 | 8615 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $0-$5k A vulnerability was found in Parso up to 0.4.0 and
Tagged with: deserialization • escalation • grammar • parser • parso • privilege
IBM Websphere Application Server – Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)
June 7th, 2019 📆 | 3384 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule 'IBM Websphere Application Server Network Deployment
Tagged with: application • deployment • deserialization • network • server • untrusted • websphere
Sitecore Experience Platform up to 9.1.0 Deserialization OS Command Injection privilege escalation
June 7th, 2019 📆 | 2955 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 6.0 $0-$5k A vulnerability was found in Sitecore Experience Platform up to
Tagged with: command • deserialization • experience • injection • platform • privilege • sitecore
Godot up to 3.1 Deserialization Remote Code Execution
June 1st, 2019 📆 | 3819 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 6.3 $0-$5k A vulnerability, which was classified as critical, was found in
Tagged with: deserialization • execution • godot • remote
Sitecore CMS/XP Sitecore.Security.AntiCSRF __CSRFTOKEN Deserialization privilege escalation
June 1st, 2019 📆 | 1803 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 7.3 $0-$5k A vulnerability was found in Sitecore CMS and XP (unknown
Tagged with: anticsrf • csrftoken • deserialization • privilege • security • sitecore
Synacor Zimbra Collaboration Suite up to 8.7.x/8.8.11 IMAP Deserialization unknown vulnerability
May 30th, 2019 📆 | 7969 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $0-$5k A vulnerability was found in Synacor Zimbra Collaboration Suite up
Tagged with: collaboration • deserialization • suite • synacor • unknown • vulnerability • zimbra
Virim Plugin 0.4 on WordPress Deserialization graph.php s_values/t_values/c_values unknown vulnerability
May 21st, 2019 📆 | 7442 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $0-$5k A vulnerability was found in Virim Plugin 0.4 on WordPress.
Tagged with: deserialization • graph • plugin • values • virim • wordpress
Carts Guru Plugin 1.4.5 on WordPress Deserialization wc-cartsguru-event-handler.php Cookie unknown vulnerability
May 21st, 2019 📆 | 4158 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.5 $0-$5k A vulnerability was found in Carts Guru Plugin 1.4.5 on
Tagged with: carts • cartsguru • deserialization • event • handler • plugin • wordpress
Oracle Weblogic Server – ‘AsyncResponseService’ Deserialization Remote Code Execution (Metasploit)
May 10th, 2019 📆 | 4490 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule 'Oracle Weblogic Server Deserialization RCE -
Tagged with: asyncresponseservice • deserialization • execution • oracle • remote • server • weblogic
12
-
-
Popular
CamScanner PDF App Drops a Malware Component in… August 28, 2019 Its time to uninstall the CamScanner App from your Android…
Trump Critique of Cryptocurrency Sends Bitcoin Price Lower August 25, 2019 The value of Bitcoin recently dropped below $10,000 after President…
Open-Source Spyware AhMyth Spreading Via Google Play… August 23, 2019 Researchers discovered an open-source spyware AhMyth associated with Google play store…
Houston astronaut accused of hacking… August 24, 2019 HOUSTON - Summer Worden said her 6-year-old son is her…
Mastercard Reports Data Breach to German and Belgian DPAs August 25, 2019 Mastercard disclosed a data breach to the German and Belgian…
Google Chrome to Warn If Logins Are Found in a Data Breach August 23, 2019 Google is adding a built-in data breach notification service to…
James Charles’ Twitter Account Hacked, Flooded With… August 24, 2019 James Charles via YouTube James Charles James Charles’ Twitter account…
Comments