There was a critical gap in the Wazuh open source security platform that allowed attackers to inject their own code and take over vulnerable servers. To do this, however, they needed access to the ...
The IT researchers assume that the HF Picklescan did not mark the file as insecure for this reason ... of what attackers can do by abusing this deserialization gap. The specific samples contained ...
You can create a release to package software, along with release notes and links to binary files, for other people to use. Learn more about releases in our docs.
This project has not set up a SECURITY.md file yet.
The vulnerabilities are listed below - CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote attacker to ...
This includes the use of an insecure symmetric encryption algorithm ( 3DES ... The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could ...
Silk Typhoon is a Chinese state actor focused on espionage campaigns targeting a wide range of industries in the US and ...
While there are certainly unique social situations and personal behaviors that can encourage people to feel more insecure or uncomfortable than they typically do, most of the time a person's ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback