Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-23 | CVE-2024-5085 | Deserialization of Untrusted Data vulnerability in Hashthemes Hash Form The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input in the 'process_entry' function. | 9.8 |
| 2024-05-22 | CVE-2024-4157 | Deserialization of Untrusted Data vulnerability in Fluentforms Contact Form The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.15 via deserialization of untrusted input in the extractDynamicValues function. | 8.8 |
| 2024-05-15 | CVE-2024-3483 | Deserialization of Untrusted Data vulnerability in Microfocus Imanager Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization issues. | 9.8 |
| 2024-05-15 | CVE-2024-3967 | Deserialization of Untrusted Data vulnerability in Microfocus Imanager Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization. | 9.8 |
| 2024-05-15 | CVE-2024-4200 | Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.2.514), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability. | 7.8 |
| 2024-05-03 | CVE-2023-50218 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-50219 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-50220 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-50221 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-50222 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |