Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-2437 | Deserialization of Untrusted Data vulnerability in Slickremix Feed Them Social The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the 'fts_url' parameter in versions up to, and including 2.9.8.5. | 9.8 |
| 2022-07-18 | CVE-2022-2444 | Deserialization of Untrusted Data vulnerability in Themeisle Visualizer The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remote_data' parameter in versions up to, and including 3.7.9. | 8.8 |
| 2022-07-18 | CVE-2021-41419 | Deserialization of Untrusted Data vulnerability in Qvis DVR Firmware and NVR Firmware QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. | 9.8 |
| 2022-07-17 | CVE-2022-30981 | Deserialization of Untrusted Data vulnerability in Gentics CMS 5.43.0 An issue was discovered in Gentics CMS before 5.43.1. | 8.8 |
| 2022-07-12 | CVE-2021-36665 | Deserialization of Untrusted Data vulnerability in Druva Insync Client An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. | 7.8 |
| 2022-07-01 | CVE-2022-31604 | Deserialization of Untrusted Data vulnerability in Nvidia Nvflare NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. | 9.8 |
| 2022-07-01 | CVE-2022-31605 | Deserialization of Untrusted Data vulnerability in Nvidia Nvflare NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). | 9.8 |
| 2022-06-30 | CVE-2022-31115 | Deserialization of Untrusted Data vulnerability in Amazon Opensearch 1.0.0/2.0.0/2.0.1 opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. | 8.8 |
| 2022-06-29 | CVE-2022-33107 | Deserialization of Untrusted Data vulnerability in Thinkphp 6.0.12 ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. | 9.8 |
| 2022-06-15 | CVE-2022-20195 | Deserialization of Untrusted Data vulnerability in Google Android 12.1 In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. | 5.0 |