Vulnerabilities > Deserialization of Untrusted Data

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-26	CVE-2021-41766	Deserialization of Untrusted Data vulnerability in Apache Karaf Apache Karaf allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX). network high complexity apache CWE-502	8.1
2022-01-18	CVE-2022-23302	Deserialization of Untrusted Data vulnerability in multiple products JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. network low complexity apache netapp broadcom qos oracle CWE-502	8.8
2022-01-18	CVE-2022-23307	Deserialization of Untrusted Data vulnerability in multiple products CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. network low complexity apache qos oracle CWE-502	8.8
2022-01-18	CVE-2021-45394	Deserialization of Untrusted Data vulnerability in Html2Pdf Project Html2Pdf An issue was discovered in Spipu HTML2PDF before 5.2.4. network low complexity html2pdf-project CWE-502	8.8
2022-01-10	CVE-2021-43297	Deserialization of Untrusted Data vulnerability in Apache Dubbo A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. network low complexity apache CWE-502 critical	9.8
2022-01-10	CVE-2021-42392	Deserialization of Untrusted Data vulnerability in multiple products The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. network low complexity h2database debian oracle CWE-502 critical	9.8
2022-01-06	CVE-2022-21663	Deserialization of Untrusted Data vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-502	7.2
2022-01-04	CVE-2022-21647	Deserialization of Untrusted Data vulnerability in Codeigniter CodeIgniter is an open source PHP full-stack web framework. network low complexity codeigniter CWE-502 critical	9.8
2021-12-22	CVE-2021-43853	Deserialization of Untrusted Data vulnerability in Ajax.Net Professional Project Ajax.Net Professional Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. network low complexity ajax-net-professional-project CWE-502	5.4
2021-12-22	CVE-2021-44029	Deserialization of Untrusted Data vulnerability in Quest Kace Desktop Authority An issue was discovered in Quest KACE Desktop Authority before 11.2. network low complexity quest CWE-502 critical	9.8