GHSA-8237-957h-h2c2: FileManager Deserialization of Untrusted Data vulnerability

GHSA-cgr4-c233-h733: UnoPim Stored XSS : Cookie hijacking through Create User function

GHSA-cg23-qf8f-62rr: Symphony has an Authentication Bypass via RememberMe

GHSA-j4h6-gcj7-7v9v: decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds

GHSA-xhg6-9j5j-w4vf: DotNetZip Directory Traversal vulnerability

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.

**Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console**

Critical severity GitHub Reviewed Published May 3, 2022 • Updated May 19, 2022

Headline

GHSA-w39x-chvm-pj3c: Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

ghsa: Latest News