Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-15 | CVE-2022-38111 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
2023-02-15 | CVE-2022-47503 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
2023-02-15 | CVE-2022-47504 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
2023-02-15 | CVE-2022-47507 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
2023-02-15 | CVE-2023-23836 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. | 7.2 |
2023-02-08 | CVE-2022-45982 | Deserialization of Untrusted Data vulnerability in Thinkphp thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. | 9.8 |
2023-02-06 | CVE-2023-0669 | Deserialization of Untrusted Data vulnerability in Fortra Goanywhere Managed File Transfer Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. | 7.2 |
2023-02-03 | CVE-2023-25135 | Deserialization of Untrusted Data vulnerability in Vbulletin 5.6.7/5.6.8/5.6.9 vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. | 9.8 |
2023-01-31 | CVE-2023-24162 | Deserialization of Untrusted Data vulnerability in Hutool 5.8.11 Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter. | 9.8 |
2023-01-26 | CVE-2022-31710 | Deserialization of Untrusted Data vulnerability in VMWare Vrealize LOG Insight vRealize Log Insight contains a deserialization vulnerability. | 7.5 |