Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-01 | CVE-2024-0692 | The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. low complexity CWE-502 | 8.8 |
2024-02-20 | CVE-2024-1651 | Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization. | 10.0 |
2024-02-15 | CVE-2023-40057 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. | 9.0 |
2024-02-15 | CVE-2024-23478 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. | 8.0 |
2024-02-09 | CVE-2024-1353 | Deserialization of Untrusted Data vulnerability in PHPems A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. | 9.8 |
2024-02-06 | CVE-2024-24590 | Deserialization of Untrusted Data vulnerability in Clear Clearml Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with. | 8.8 |
2024-02-05 | CVE-2024-0668 | Deserialization of Untrusted Data vulnerability in Sigmaplugin Advanced Database Cleaner The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. | 7.2 |
2024-02-05 | CVE-2023-6933 | Deserialization of Untrusted Data vulnerability in Wpengine Better Search Replace The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. | 9.8 |
2024-02-05 | CVE-2024-1225 | Deserialization of Untrusted Data vulnerability in Qibosoft Qibocms X1 1.0.6 A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. | 9.8 |
2024-02-03 | CVE-2024-1198 | Deserialization of Untrusted Data vulnerability in Openbi A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. | 9.8 |