Vulnerabilities > Deserialization of Untrusted Data

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-24	CVE-2021-4178	Deserialization of Untrusted Data vulnerability in Redhat products A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. local low complexity redhat CWE-502	6.7
2022-08-22	CVE-2022-33900	Deserialization of Untrusted Data vulnerability in Sandhillsdev Easy Digital Downloads PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress. network low complexity sandhillsdev CWE-502	7.2
2022-08-19	CVE-2022-29805	Deserialization of Untrusted Data vulnerability in Fishbowlinventory Fishbowl A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1 allows remote attackers to execute arbitrary code via a crafted XML payload. network low complexity fishbowlinventory CWE-502 critical	9.8
2022-08-19	CVE-2022-2886	Deserialization of Untrusted Data vulnerability in Laravel A vulnerability, which was classified as critical, was found in Laravel 5.1. network low complexity laravel CWE-502	8.8
2022-08-17	CVE-2022-2870	Deserialization of Untrusted Data vulnerability in Laravel A vulnerability was found in laravel 5.1 and classified as problematic. network low complexity laravel CWE-502 critical	9.8
2022-08-15	CVE-2022-36006	Deserialization of Untrusted Data vulnerability in Arvados Arvados is an open source platform for managing, processing, and sharing genomic and other large scientific and biomedical data. network low complexity arvados CWE-502	8.8
2022-08-04	CVE-2022-33947	Deserialization of Untrusted Data vulnerability in F5 Big-Ip Domain Name System In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface (TMUI) that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operations through undisclosed requests. network low complexity f5 CWE-502	6.5
2022-08-03	CVE-2022-28684	Deserialization of Untrusted Data vulnerability in Devexpress 22.1.0 This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. network low complexity devexpress CWE-502	8.8
2022-08-02	CVE-2022-35223	Deserialization of Untrusted Data vulnerability in Easyuse Mailhunter Ultimate 2020 EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. network low complexity easyuse CWE-502 critical	9.8
2022-07-25	CVE-2022-35870	Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). local low complexity inductiveautomation CWE-502	7.8