Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2024-0302 Deserialization of Untrusted Data vulnerability in Fhs-Opensource Iparking 1.5.22
A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5.22.RELEASE.
network
low complexity
fhs-opensource CWE-502
critical
9.8
2024-01-03 CVE-2023-49442 Deserialization of Untrusted Data vulnerability in Jeecg
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.
network
low complexity
jeecg CWE-502
critical
9.8
2024-01-03 CVE-2023-51785 Deserialization of Untrusted Data vulnerability in Apache Inlong 1.7.0/1.8.0/1.9.0
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.9.0, the attackers can make a arbitrary file read attack using mysql driver. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it. [1]  https://github.com/apache/inlong/pull/9331
network
low complexity
apache CWE-502
7.5
2023-12-31 CVE-2023-49777 Deserialization of Untrusted Data vulnerability in Yithemes Yith Woocommerce Product Add-Ons
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
network
low complexity
yithemes CWE-502
8.8
2023-12-31 CVE-2023-52181 Deserialization of Untrusted Data vulnerability in Presslabs Theme PER User 1.0/1.0.1
Deserialization of Untrusted Data vulnerability in Presslabs Theme per user.This issue affects Theme per user: from n/a through 1.0.1.
network
low complexity
presslabs CWE-502
critical
9.8
2023-12-31 CVE-2023-52182 Deserialization of Untrusted Data vulnerability in Ari-Soft ARI Stream Quiz
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0.
network
low complexity
ari-soft CWE-502
8.8
2023-12-29 CVE-2023-51414 Deserialization of Untrusted Data vulnerability in Donweb Envialosimple:Email Marketing Y Newsletters
Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1.
network
low complexity
donweb CWE-502
critical
9.8
2023-12-29 CVE-2023-51422 Deserialization of Untrusted Data vulnerability in Saleswonder Webinarignition
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition: from n/a through 3.05.0.
network
low complexity
saleswonder CWE-502
8.8
2023-12-29 CVE-2023-51470 Deserialization of Untrusted Data vulnerability in Boiteasite Rencontre
Deserialization of Untrusted Data vulnerability in Jacques Malgrange Rencontre – Dating Site.This issue affects Rencontre – Dating Site: from n/a through 3.11.1.
network
low complexity
boiteasite CWE-502
8.8
2023-12-29 CVE-2023-51505 Deserialization of Untrusted Data vulnerability in Pluginus Woot
Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce.
network
low complexity
pluginus CWE-502
critical
9.8