Vulnerabilities > Deserialization of Untrusted Data

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-25	CVE-2021-21869	Deserialization of Untrusted Data vulnerability in Codesys 3.5.16.0/3.5.17.0 An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. local low complexity codesys CWE-502	7.8
2021-08-24	CVE-2021-31010	Deserialization of Untrusted Data vulnerability in Apple products A deserialization issue was addressed through improved validation. network low complexity apple CWE-502	7.5
2021-08-23	CVE-2021-39150	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39152	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39144	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-502	8.5
2021-08-18	CVE-2021-21867	Deserialization of Untrusted Data vulnerability in Codesys 3.5.16.0/3.5.17.0 An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. local low complexity codesys CWE-502	7.8
2021-08-18	CVE-2021-21868	Deserialization of Untrusted Data vulnerability in Codesys 3.5.16.0/3.5.17.0 An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.get_MissingTypes() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. local low complexity codesys CWE-502	7.8
2021-08-12	CVE-2021-37678	Deserialization of Untrusted Data vulnerability in Google Tensorflow TensorFlow is an end-to-end open source platform for machine learning. local low complexity google CWE-502	8.8
2021-08-11	CVE-2021-38585	Deserialization of Untrusted Data vulnerability in Cpanel The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). network low complexity cpanel CWE-502	7.2
2021-08-11	CVE-2021-23420	Deserialization of Untrusted Data vulnerability in Codeception This affects the package codeception/codeception from 4.0.0 and before 4.1.22, before 3.1.3. network low complexity codeception CWE-502 critical	9.8