Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-15 | CVE-2022-38352 | Deserialization of Untrusted Data vulnerability in Thinkphp 6.0.13 ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. | 9.8 |
| 2022-09-06 | CVE-2022-2433 | Deserialization of Untrusted Data vulnerability in Connekthq Ajax Load More The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'alm_repeaters_export' parameter in versions up to, and including 5.5.3. | 8.8 |
| 2022-09-06 | CVE-2022-2434 | Deserialization of Untrusted Data vulnerability in Instawp String Locator The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via the 'string-locator-path' parameter in versions up to, and including 2.5.0. | 8.8 |
| 2022-09-06 | CVE-2022-2436 | Deserialization of Untrusted Data vulnerability in Wpdownloadmanager Wordpress Download Manager The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via the 'file[package_dir]' parameter in versions up to, and including 3.2.49. | 8.8 |
| 2022-09-06 | CVE-2022-2438 | Deserialization of Untrusted Data vulnerability in Managewp Broken Link Checker The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$log_file' value in versions up to, and including 1.11.16. | 7.2 |
| 2022-09-06 | CVE-2022-2442 | Deserialization of Untrusted Data vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. | 7.2 |
| 2022-09-02 | CVE-2022-29063 | Deserialization of Untrusted Data vulnerability in Apache Ofbiz The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. | 9.8 |
| 2022-08-31 | CVE-2022-37021 | Deserialization of Untrusted Data vulnerability in Apache Geode Apache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 8. | 9.8 |
| 2022-08-31 | CVE-2022-37022 | Deserialization of Untrusted Data vulnerability in Apache Geode Apache Geode versions up to 1.12.2 and 1.13.2 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 11. | 8.8 |
| 2022-08-31 | CVE-2022-37023 | Deserialization of Untrusted Data vulnerability in Apache Geode Apache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data flaw when using REST API on Java 8 or Java 11. | 6.5 |