Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-49625 | Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49626 | Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2. | 9.8 |
| 2024-10-18 | CVE-2024-10079 | Deserialization of Untrusted Data vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax_import_content' function. | 8.8 |
| 2024-10-16 | CVE-2021-4451 | Deserialization of Untrusted Data vulnerability in Nintechnet Ninjafirewall The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. | 7.2 |
| 2024-10-16 | CVE-2024-9634 | The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. | 9.8 |
| 2024-10-14 | CVE-2024-9953 | Deserialization of Untrusted Data vulnerability in Cert Vince A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. | 4.9 |
| 2024-10-14 | CVE-2024-45733 | Deserialization of Untrusted Data vulnerability in Splunk In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration. | 8.8 |
| 2024-10-13 | CVE-2024-9917 | Deserialization of Untrusted Data vulnerability in Usualtool Usualtoolcms 9.0 A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. | 4.9 |
| 2024-10-11 | CVE-2024-47074 | Deserialization of Untrusted Data vulnerability in Dataease DataEase is an open source data visualization analysis tool. | 9.8 |
| 2024-10-10 | CVE-2024-47636 | Deserialization of Untrusted Data vulnerability in Eyecix Jobsearch WP JOB Board Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.9. | 9.8 |