Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High

CVE-2024-2054

Disclosure Date: March 21, 2024 (last updated March 21, 2024)
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.
4
1
Attacker Value
Very High

CVE-2024-23759

Disclosure Date: February 12, 2024 (last updated February 15, 2024)
Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
2
1