Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2020-14030 | Deserialization of Untrusted Data vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 7.2 |
| 2020-09-17 | CVE-2020-24750 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. | 8.1 |
| 2020-09-16 | CVE-2020-7532 | Deserialization of Untrusted Data vulnerability in Schneider-Electric Scadapack X70 Security Administrator 1.2.0 A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer. | 7.8 |
| 2020-09-15 | CVE-2020-4521 | Deserialization of Untrusted Data vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. | 8.8 |
| 2020-09-11 | CVE-2020-24164 | Deserialization of Untrusted Data vulnerability in Taoensso Nippy A deserialization flaw is present in Taoensso Nippy before 2.14.2. | 7.8 |
| 2020-09-11 | CVE-2020-25260 | Deserialization of Untrusted Data vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 9.8 |
| 2020-09-11 | CVE-2020-25259 | Deserialization of Untrusted Data vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 9.8 |
| 2020-09-11 | CVE-2020-25258 | Deserialization of Untrusted Data vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 9.8 |
| 2020-09-11 | CVE-2014-1420 | Deserialization of Untrusted Data vulnerability in Canonical Ubuntu-Ui-Toolkit 1.1.1188 On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. | 3.3 |
| 2020-09-01 | CVE-2020-24034 | Deserialization of Untrusted Data vulnerability in Sagemcom F@St 5280 Router Firmware 1.150.61 Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. | 8.8 |