Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-17 | CVE-2024-28074 | It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. | 9.6 |
2024-07-15 | CVE-2023-46801 | Deserialization of Untrusted Data vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. | 8.8 |
2024-07-15 | CVE-2023-49566 | Deserialization of Untrusted Data vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis <=1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. | 8.8 |
2024-07-09 | CVE-2024-38023 | Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server 2016/2019 Microsoft SharePoint Server Remote Code Execution Vulnerability | 7.2 |
2024-07-09 | CVE-2024-38024 | Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server 2016/2019 Microsoft SharePoint Server Remote Code Execution Vulnerability | 7.2 |
2024-07-09 | CVE-2024-38094 | Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Server 2016/2019 Microsoft SharePoint Remote Code Execution Vulnerability | 7.2 |
2024-07-05 | CVE-2024-6525 | Deserialization of Untrusted Data vulnerability in Dlink Dar-7000 Firmware 100A53Dbr/20151231/31R02B1413C ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. | 8.8 |
2024-06-13 | CVE-2024-4371 | Deserialization of Untrusted Data vulnerability in Codexpert Codesigner The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recently_viewed_products cookie. | 9.8 |
2024-06-11 | CVE-2024-35249 | Deserialization of Untrusted Data vulnerability in Microsoft Dynamics 365 Business Central 2023/2024 Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability | 8.8 |
2024-06-06 | CVE-2024-5675 | Deserialization of Untrusted Data vulnerability in Summar Mentor 3.83.35 Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. | 9.8 |