Resultado de búsqueda
Hace 3 días · 4. Insecure Deserialization. Insecure deserialization occurs when untrusted data instantiates objects during the deserialization process. Here's what that means: When a program reads a file or a stream of data and converts it back into usable objects (like turning a saved game state back into a playable game), that's called deserialization.
Hace 1 día · Vulnerability Description. An insecure deserialization vulnerability exists in Delta InfraSuite Device Master. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system. Delta InfraSuite Device Master Insecure Deserialization (CVE-2023-47207) - CPAI-2023-1819.
Hace 20 horas · 8. Insecure Deserialization. Attackers exploit vulnerabilities in how applications deserialise data, potentially executing arbitrary code on the server or gaining unauthorised access. Example: An application deserialises user-supplied data without proper validation.
Hace 5 días · Insecure disposal. Old devices, such as computers, hard disk drives, and solid-state drives that have not been properly wiped, may expose users to data theft. Even a few leaked details can open the floodgates to malicious activities like identity theft, financial fraud, IP theft, and cyber fraud.
Hace 5 días · July 3, 2024. The 6 Phases of API Security. Because APIs are the building blocks of modern software architecture, securing them is critical. Since API security is multi-faceted, focusing on different stages of API security during the software development phase may require varying security testing technologies during each phase to ensure the security and integrity of the API.
Hace 3 días · CVE-2024-0035: March 15, 2024 – Severity: Low: Vulnerability in the pickle module allowing insecure deserialization. Although low in severity, this vulnerability could be exploited to perform denial of service attacks or other undesirable behavior in specific scenarios.
Hace 20 horas · Insecure deserialization: Where untrusted data is used to abuse the logic of an application, leading to various attacks such as executing arbitrary code. It's essential to understand these threats to implement effective security measures.
