Tag
high
advisory
Graphite graph database engine Insecure Deserialization Vulnerability
1 rule 1 TTPGraphite versions before 0.2 are vulnerable to insecure deserialization due to the use of Python's `pickle` module for database storage, allowing attackers to craft malicious database files that execute arbitrary code when loaded.
graphitedb
insecure-deserialization
code-execution
1r
1t
high
advisory
Grav File Cache Insecure Deserialization Vulnerability
2 rules 2 TTPsGrav versions 1.7.44 through 1.7.49.5 are vulnerable to insecure deserialization in the File Cache component, where the `unserialize` function with `allowed_classes => true` can lead to arbitrary code execution if an attacker tampers with cache files.
grav
insecure-deserialization
code-execution
web-application
2r
2t