Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2023-12-19 CVE-2023-37390 Deserialization of Untrusted Data vulnerability in Themesflat Addons for Elementor 2.0.0
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a through 2.0.0.
network
low complexity
themesflat CWE-502
critical
 9.8
9.8
2023-12-19 CVE-2023-6730 Deserialization of Untrusted Data vulnerability in Huggingface Transformers
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
network
low complexity
huggingface CWE-502
8.8
8.8
2023-12-19 CVE-2023-46154 Deserialization of Untrusted Data vulnerability in E2Pdf
Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.18.
network
low complexity
e2pdf CWE-502
7.2
7.2
2023-12-19 CVE-2023-49819 Deserialization of Untrusted Data vulnerability in Wpsc-Plugin Structured Content
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.
network
low complexity
wpsc-plugin CWE-502
critical
 9.8
9.8
2023-12-15 CVE-2023-29234 Deserialization of Untrusted Data vulnerability in Apache Dubbo
A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 through 3.1.10, from 3.2.0 through 3.2.4. Users are recommended to upgrade to the latest version, which fixes the issue.
network
low complexity
apache CWE-502
critical
 9.8
9.8
2023-12-15 CVE-2023-46279 Deserialization of Untrusted Data vulnerability in Apache Dubbo 3.1.5
Deserialization of Untrusted Data vulnerability in Apache Dubbo.This issue only affects Apache Dubbo 3.1.5. Users are recommended to upgrade to the latest version, which fixes the issue.
network
low complexity
apache CWE-502
critical
 9.8
9.8
2023-12-10 CVE-2023-6656 Deserialization of Untrusted Data vulnerability in Iperov Deepfacelab Df.Wf.288Res.384.92.72.22
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22.
network
high complexity
iperov CWE-502
7.5
7.5
2023-12-10 CVE-2023-6654 Deserialization of Untrusted Data vulnerability in PHPems 6.0/7.0
A vulnerability classified as critical was found in PHPEMS 6.x/7.x/8.x/9.0.
network
low complexity
phpems CWE-502
8.8
8.8
2023-12-07 CVE-2023-6580 Deserialization of Untrusted Data vulnerability in Dlink Dir-846 Firmware 100A53Dbr
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR.
network
low complexity
dlink CWE-502
8.8
8.8
2023-12-05 CVE-2023-49297 Deserialization of Untrusted Data vulnerability in Iterative Pydrive2
PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks.
local
low complexity
iterative CWE-502
7.8
7.8