Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2024-08-19 CVE-2024-43242 Deserialization of Untrusted Data vulnerability in Wpindeed Ultimate Membership PRO
Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection. This issue affects Ultimate Membership Pro: from n/a through 12.6.
network
low complexity
wpindeed CWE-502
critical
10.0
2024-08-13 CVE-2024-28986 Deserialization of Untrusted Data vulnerability in SolarWinds Web Help Desk
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.
network
low complexity
solarwinds CWE-502
critical
9.8
2024-08-07 CVE-2024-36131 Deserialization of Untrusted Data vulnerability in Ivanti Endpoint Manager Mobile
An insecure deserialization vulnerability in the web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.
network
low complexity
ivanti CWE-502
8.8
2024-07-24 CVE-2024-6327 Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
network
low complexity
progress CWE-502
critical
9.8
2024-07-22 CVE-2024-6793 Deserialization of Untrusted Data vulnerability in NI VeriStand
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution.
network
low complexity
ni CWE-502
critical
9.8
2024-07-22 CVE-2024-6794 Deserialization of Untrusted Data vulnerability in NI VeriStand
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution.
network
low complexity
ni CWE-502
critical
9.8
2024-07-21 CVE-2024-6944 Deserialization of Untrusted Data vulnerability in CRMEB
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical.
network
low complexity
crmeb CWE-502
7.5
2024-07-21 CVE-2024-6943 Deserialization of Untrusted Data vulnerability in CRMEB
A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical.
network
low complexity
crmeb CWE-502
8.8
2024-07-09 CVE-2024-31317 Deserialization of Untrusted Data vulnerability in Google Android
In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization.
local
low complexity
google CWE-502
7.8
2024-07-01 CVE-2024-36984 Deserialization of Untrusted Data vulnerability in Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data.
network
low complexity
splunk CWE-502
8.8