Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-01 | CVE-2022-1471 | Deserialization of Untrusted Data vulnerability in Snakeyaml Project Snakeyaml SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. | 9.8 |
| 2022-11-29 | CVE-2022-36964 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 8.8 |
| 2022-11-21 | CVE-2022-3861 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme 26.5.1.4 The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. | 8.8 |
| 2022-11-20 | CVE-2022-3525 | Deserialization of Untrusted Data vulnerability in Librenms Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. | 8.8 |
| 2022-11-17 | CVE-2022-45077 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme Auth. | 8.8 |
| 2022-11-16 | CVE-2022-45047 | Deserialization of Untrusted Data vulnerability in Apache Sshd Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. | 9.8 |
| 2022-11-12 | CVE-2022-38650 | Deserialization of Untrusted Data vulnerability in VMWare Hyperic Server 5.8.6 A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. | 10.0 |
| 2022-11-12 | CVE-2022-38652 | Deserialization of Untrusted Data vulnerability in VMWare Hyperic Agent 5.8.6 A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. | 9.9 |
| 2022-11-09 | CVE-2022-44558 | Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos The AMS module has a vulnerability of serialization/deserialization mismatch. | 9.8 |
| 2022-11-09 | CVE-2022-44559 | Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos The AMS module has a vulnerability of serialization/deserialization mismatch. | 9.8 |