Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-21 | CVE-2023-2141 | Deserialization of Untrusted Data vulnerability in 3DS Delmia Apriso 2017/2019/2022 An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution. | 8.8 |
| 2023-04-20 | CVE-2023-20864 | Deserialization of Untrusted Data vulnerability in VMWare Aria Operations for Logs and Cloud Foundation VMware Aria Operations for Logs contains a deserialization vulnerability. | 9.8 |
| 2023-04-19 | CVE-2021-28254 | Deserialization of Untrusted Data vulnerability in Laravel 8.5.9 A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands. | 9.8 |
| 2023-04-11 | CVE-2023-1552 | Deserialization of Untrusted Data vulnerability in GE Toolboxst 04.07.05C/07.09.07C ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. | 7.8 |
| 2023-04-06 | CVE-2023-28500 | Deserialization of Untrusted Data vulnerability in Adobe Livecycle ES4 A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. | 9.8 |
| 2023-04-05 | CVE-2023-20102 | Deserialization of Untrusted Data vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. | 8.8 |
| 2023-04-04 | CVE-2020-29312 | Deserialization of Untrusted Data vulnerability in Zend Framework An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary code via the unserialize function. | 9.8 |
| 2023-03-29 | CVE-2022-28685 | Deserialization of Untrusted Data vulnerability in Aveva Edge This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). | 7.8 |
| 2023-03-29 | CVE-2022-2561 | Deserialization of Untrusted Data vulnerability in Opclabs Quickopc 5.63 This vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC 2022.1. | 7.8 |
| 2023-03-29 | CVE-2022-36971 | Deserialization of Untrusted Data vulnerability in Ivanti Avalanche 6.3.2.3490/6.3.3/6.3.3.101 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. | 8.8 |