skrkcb2

5 exploits Active since Oct 2023
CVE-2025-0851 NOMISEC CRITICAL WRITEUP
Ai.djl API < 0.31.1 - Path Traversal
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
1 stars
CVSS 9.8
CVE-2024-5452 NOMISEC CRITICAL WRITEUP
pytorch_lightning < 2.3.3 - Remote Code Execution via Deepdiff Delta Dunder Attribute Bypass
A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default.
CVSS 9.8
CVE-2025-0924 NOMISEC HIGH WRITEUP
WP Activity Log <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Message Parameter
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS 7.2
CVE-2024-38819 NOMISEC HIGH WRITEUP
Spring WebMvc.fn and WebFlux.fn 6.1.0-6.1.13 - Path Traversal via Static Resource Handling
Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.
CVSS 7.5
CVE-2023-46604 NOMISEC CRITICAL WRITEUP
Java OpenWire - Deserialization RCE
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
CVSS 10.0