CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code
execution when a malicious project file is loaded into the application by a valid user.
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
5 months ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
11 months ago Cisa.gov
CVE-2013-2229 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2218. Reason: This candidate is a reservation duplicate of CVE-2013-2218. Notes: All CVE users should reference CVE-2013-2218 instead of this candidate. All references and ...
55 years ago Tenable.com
CVE-2009-2229 - Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these ...
7 years ago
CVE-2002-2229 - Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote attackers to read arbitrary files via a .. in an HTTP request. ...
16 years ago
CVE-2000-1094 - Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. ...
1 year ago
CVE-2005-2229 - Blog Torrent 0.92 and earlier stores sensitive files under the web document root in the (1) data or (2) torrents directories with insufficient access control, which allows remote attackers to obtain sensitive information such as account names and ...
8 years ago
CVE-2000-1093 - Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command. ...
7 years ago
CVE-2004-2229 - Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. ...
7 years ago
CVE-2017-2229 - Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei System Ver1.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. ...
7 years ago
CVE-2007-2229 - Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka ...
6 years ago
CVE-2006-2229 - OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or ...
4 years ago
CVE-2010-2229 - Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. ...
4 years ago
CVE-2021-2229 - Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite (component: LOVs). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to ...
3 years ago
CVE-2019-2229 - In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ...
3 years ago
CVE-2022-2229 - An improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an attacker to extract the value of an unprotected variable they know the name of in public ...
1 year ago
CVE-2023-2229 - The Quick Post Duplicator for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the ...
1 year ago
CVE-2020-2229 - Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability. ...
1 year ago
CVE-2011-2229 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none ...
55 years ago Tenable.com
CVE-2018-2229 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
55 years ago Tenable.com
CVE-2025-2229 - A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations. ...
1 day ago
CVE-2022-49390 - In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get reference to real_dev. That can not ensure that real_dev is freed after macsec. That will trigger the UAF bug ...
2 weeks ago Tenable.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov