Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-w39x-chvm-pj3c: Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.

ghsa
#git#rce

Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

Critical severity GitHub Reviewed Published May 3, 2022 • Updated May 19, 2022

ghsa: Latest News

GHSA-cmwp-442x-3rcv: Piranha CMS Cross-site Scripting vulnerability