Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-50222 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-50223 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-39475 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 9.8 |
| 2024-05-03 | CVE-2023-39476 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 9.8 |
| 2024-04-02 | CVE-2024-27604 | Deserialization of Untrusted Data vulnerability in Alldata 0.4.6 Alldata V0.4.6 is vulnerable to Command execution vulnerability. | 9.8 |
| 2024-03-20 | CVE-2024-1800 | Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. | 8.8 |
| 2024-03-20 | CVE-2024-1801 | Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability. | 7.8 |
| 2024-03-20 | CVE-2024-1856 | Deserialization of Untrusted Data vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability. | 8.8 |
| 2024-03-13 | CVE-2024-1950 | Deserialization of Untrusted Data vulnerability in Wpwax Product Carousel Slider & Grid Ultimate for Woocommerce The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input via shortcode. | 8.8 |
| 2024-03-13 | CVE-2024-2006 | Deserialization of Untrusted Data vulnerability in Wpwax Post Grid, Slider & Carousel Ultimate The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.7 via deserialization of untrusted input in the outpost_shortcode_metabox_markup function. | 8.8 |