Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-02 | CVE-2021-21865 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. | 6.8 |
| 2021-08-02 | CVE-2021-21866 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
| 2021-07-30 | CVE-2021-36766 | Deserialization of Untrusted Data vulnerability in Concretecms Concrete CMS Concrete5 through 8.5.5 deserializes Untrusted Data. | 6.5 |
| 2021-07-30 | CVE-2021-29781 | Deserialization of Untrusted Data vulnerability in IBM Partner Engagement Manager 2.0 IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. | 7.5 |
| 2021-07-29 | CVE-2021-37578 | Deserialization of Untrusted Data vulnerability in Apache Juddi Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. | 6.8 |
| 2021-07-28 | CVE-2020-5341 | Deserialization of Untrusted Data vulnerability in Dell products Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. | 10.0 |
| 2021-07-22 | CVE-2021-35464 | Deserialization of Untrusted Data vulnerability in Forgerock AM and Openam ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. | 10.0 |
| 2021-07-21 | CVE-2021-22777 | Deserialization of Untrusted Data vulnerability in Schneider-Electric Sosafe Configurable A CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause code execution by opening a malicious project file. | 6.8 |
| 2021-07-14 | CVE-2021-34520 | Deserialization of Untrusted Data vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.1 |
| 2021-07-09 | CVE-2021-32742 | Deserialization of Untrusted Data vulnerability in Vapor Project Vapor 4.29.4 Vapor is a web framework for Swift. | 6.4 |