Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2021-1415 | Deserialization of Untrusted Data vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. | 6.3 |
| 2021-04-08 | CVE-2021-1414 | Deserialization of Untrusted Data vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. | 6.3 |
| 2021-04-08 | CVE-2021-1413 | Deserialization of Untrusted Data vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. | 6.3 |
| 2021-03-29 | CVE-2021-27240 | Deserialization of Untrusted Data vulnerability in Solarwinds Patch Manager 2020.2.1 This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. | 7.2 |
| 2021-03-23 | CVE-2021-21349 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 8.6 |
| 2021-03-23 | CVE-2021-21342 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.1 |
| 2021-03-23 | CVE-2021-21341 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-22 | CVE-2021-26295 | Deserialization of Untrusted Data vulnerability in Apache Ofbiz Apache OFBiz has unsafe deserialization prior to 17.12.06. | 9.8 |
| 2021-03-12 | CVE-2020-36282 | Deserialization of Untrusted Data vulnerability in Rabbitmq JMS Client JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vulnerable to unsafe deserialization that can result in code execution via crafted StreamMessage data. | 9.8 |
| 2021-03-11 | CVE-2020-29045 | Deserialization of Untrusted Data vulnerability in Fivestarplugins Five Star Restaurant Menu The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php. | 7.5 |