Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2021-12-06 CVE-2021-44677 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-44678 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-44679 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-44680 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-44681 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-44682 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8
2021-12-06 CVE-2021-36564 Deserialization of Untrusted Data vulnerability in Thinkphp 6.0.8
ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php.
network
low complexity
thinkphp CWE-502
critical
9.8
2021-12-06 CVE-2021-36567 Deserialization of Untrusted Data vulnerability in Thinkphp 6.0.8
ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\AbstractCache.
network
low complexity
thinkphp CWE-502
critical
9.8
2021-12-03 CVE-2021-23758 Deserialization of Untrusted Data vulnerability in Ajaxpro.2 Project Ajaxpro.2 2.9.17.2/6.10.6.2
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
network
low complexity
ajaxpro-2-project CWE-502
critical
9.8
2021-11-30 CVE-2021-22095 Deserialization of Untrusted Data vulnerability in VMWare Spring Advanced Message Queuing Protocol
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size.
network
low complexity
vmware CWE-502
6.5