News
The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files.
After determining that the PayPal site was vulnerable to Java deserialization, Stepankin was able to exploit the flaw in order to execute arbitrary commands on its underlying Web server. “Moreover, I ...
The Adobe ColdFusion flaw flagged by CISA is an old Java deserialization bug in the Apache BlazeDS library, which received a critical severity rating of CVSS 9.8 out of 10 because it enables ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback