Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-1225 Deserialization of Untrusted Data vulnerability in Qibosoft Qibocms X1 1.0.6
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6.
network
low complexity
qibosoft CWE-502
critical
 9.8
9.8
2024-02-03 CVE-2024-1198 Deserialization of Untrusted Data vulnerability in Openbi
A vulnerability, which was classified as critical, was found in openBI up to 6.0.3.
network
low complexity
openbi CWE-502
critical
 9.8
9.8
2024-02-02 CVE-2024-22320 Deserialization of Untrusted Data vulnerability in IBM Operational Decision Manager
IBM Operational Decision Manager 8.10.3 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization.
network
low complexity
ibm CWE-502
8.8
8.8
2024-01-30 CVE-2024-1032 Deserialization of Untrusted Data vulnerability in Openbi Project Openbi
A vulnerability classified as critical was found in openBI up to 1.0.8.
network
low complexity
openbi-project CWE-502
critical
 9.8
9.8
2024-01-27 CVE-2024-0960 Deserialization of Untrusted Data vulnerability in Flink-Extended Aiflow 0.3.1
A vulnerability was found in flink-extended ai-flow 0.3.1.
network
low complexity
flink-extended CWE-502
critical
 9.8
9.8
2024-01-27 CVE-2024-0959 Deserialization of Untrusted Data vulnerability in Standford Gibsonenv 0.3.1
A vulnerability was found in StanfordVL GibsonEnv 0.3.1.
network
low complexity
standford CWE-502
critical
 9.8
9.8
2024-01-26 CVE-2024-0937 Deserialization of Untrusted Data vulnerability in Vanderschaarlab Temporai 0.2.9
A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9.
network
low complexity
vanderschaarlab CWE-502
critical
 9.8
9.8
2024-01-26 CVE-2024-0936 Deserialization of Untrusted Data vulnerability in Vanderschaarlab Temporai 0.0.3
A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3.
network
low complexity
vanderschaarlab CWE-502
8.8
8.8
2024-01-24 CVE-2023-50943 Deserialization of Untrusted Data vulnerability in Apache Airflow
Apache Airflow, versions before 2.8.1, have a vulnerability that allows a potential attacker to poison the XCom data by bypassing the protection of "enable_xcom_pickling=False" configuration setting resulting in poisoned data after XCom deserialization.
network
low complexity
apache CWE-502
7.5
7.5
2024-01-24 CVE-2024-22284 Deserialization of Untrusted Data vulnerability in Asgaros Forum
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.7.2.
network
low complexity
asgaros CWE-502
critical
 9.8
9.8