Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-13 | CVE-2022-22958 | Deserialization of Untrusted Data vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). | 7.2 |
| 2022-04-12 | CVE-2022-23450 | Deserialization of Untrusted Data vulnerability in Siemens products A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). | 9.8 |
| 2022-04-06 | CVE-2022-20763 | Deserialization of Untrusted Data vulnerability in Cisco Webex Meetings Online Wbs42.2.11 A vulnerability in the login authorization components of Cisco Webex Meetings could allow an authenticated, remote attacker to inject arbitrary Java code. | 8.8 |
| 2022-04-05 | CVE-2020-19229 | Deserialization of Untrusted Data vulnerability in Jeesite 1.2.7 Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. | 9.8 |
| 2022-04-05 | CVE-2021-33207 | Deserialization of Untrusted Data vulnerability in Softwareag Mashzone Nextgen 10.7 The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code. | 9.8 |
| 2022-03-29 | CVE-2022-1032 | Deserialization of Untrusted Data vulnerability in Craterapp Crater Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6. | 7.2 |
| 2022-03-23 | CVE-2021-27460 | Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Assetcentre 10.00 Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. | 9.8 |
| 2022-03-23 | CVE-2021-27462 | Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Assetcentre 10.00 A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. | 9.8 |
| 2022-03-23 | CVE-2021-27466 | Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Assetcentre 10.00 A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. | 9.8 |
| 2022-03-23 | CVE-2021-27470 | Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Assetcentre 10.00 A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. | 9.8 |