Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-31010 | Deserialization of Untrusted Data vulnerability in Apple products A deserialization issue was addressed through improved validation. | 7.5 |
2021-08-23 | CVE-2021-39150 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39152 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39144 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-18 | CVE-2021-21867 | Deserialization of Untrusted Data vulnerability in Codesys 3.5.16.0/3.5.17.0 An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 6.8 |
2021-08-18 | CVE-2021-21868 | Deserialization of Untrusted Data vulnerability in Codesys 3.5.16.0/3.5.17.0 An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.get_MissingTypes() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 6.8 |
2021-08-06 | CVE-2021-37544 | Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. | 7.5 |
2021-08-05 | CVE-2021-37632 | Deserialization of Untrusted Data vulnerability in Config LIB Project Config LIB SuperMartijn642's Config Lib is a library used by a number of mods for the game Minecraft. | 6.8 |
2021-08-05 | CVE-2021-21863 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
2021-08-05 | CVE-2021-34371 | Deserialization of Untrusted Data vulnerability in Neo4J Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. | 7.5 |