VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Deserialization of Untrusted Data
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-16
CVE-2025-3677
A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36.
local
low complexity
CWE-502
5.3
5.3
2025-04-14
CVE-2025-3590
A vulnerability has been found in Adianti Framework up to 8.0 and classified as critical.
network
low complexity
CWE-502
6.3
6.3
2025-04-11
CVE-2025-3439
The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1 via deserialization of untrusted input from the 'field_value' parameter.
network
low complexity
CWE-502
critical
9.8
9.8
2025-04-08
CVE-2025-29793
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
network
low complexity
CWE-502
7.2
7.2
2025-04-07
CVE-2025-2251
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism.
network
high complexity
CWE-502
6.2
6.2
2025-04-04
CVE-2025-3250
A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7.
network
low complexity
CWE-502
4.3
4.3
2025-04-03
CVE-2025-3165
A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0.
local
low complexity
CWE-502
5.3
5.3
2025-04-01
CVE-2025-31084
Deserialization of Untrusted Data vulnerability in Sunshinephotocart Sunshine Photo Cart
Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart allows Object Injection.
network
low complexity
sunshinephotocart
CWE-502
critical
9.8
9.8
2025-03-28
CVE-2025-2485
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8.7 via deserialization of untrusted input from the 'dnd_upload_cf7_upload' function.
network
high complexity
CWE-502
7.5
7.5
2025-03-27
CVE-2025-2855
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.
network
low complexity
CWE-502
4.7
4.7
«
1
(current)
2
3
4
5
...
108
109
»
Next