Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2023-02-21 CVE-2022-48282 Deserialization of Untrusted Data vulnerability in Mongodb C# Driver
Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services.
network
low complexity
mongodb CWE-502
7.2
7.2
2023-02-21 CVE-2023-26234 Deserialization of Untrusted Data vulnerability in Jd-Gui Project Jd-Gui 1.6.6
JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance.
network
low complexity
jd-gui-project CWE-502
critical
 9.8
9.8
2023-02-17 CVE-2022-47986 Deserialization of Untrusted Data vulnerability in IBM Aspera Faspex 4.4.1/4.4.2
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw.
network
low complexity
ibm CWE-502
critical
 9.8
9.8
2023-02-15 CVE-2022-38111 Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data.
network
low complexity
solarwinds CWE-502
7.2
7.2
2023-02-15 CVE-2022-47503 Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data.
network
low complexity
solarwinds CWE-502
7.2
7.2
2023-02-15 CVE-2022-47504 Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data.
network
low complexity
solarwinds CWE-502
7.2
7.2
2023-02-15 CVE-2022-47507 Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data.
network
low complexity
solarwinds CWE-502
7.2
7.2
2023-02-15 CVE-2023-23836 Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data.
network
low complexity
solarwinds CWE-502
7.2
7.2
2023-02-11 CVE-2023-25558 Deserialization of Untrusted Data vulnerability in Datahub Project Datahub
DataHub is an open-source metadata platform.
network
low complexity
datahub-project CWE-502
8.8
8.8
2023-02-08 CVE-2022-45982 Deserialization of Untrusted Data vulnerability in Thinkphp
thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability.
network
low complexity
thinkphp CWE-502
critical
 9.8
9.8