Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43080 | Deserialization of Untrusted Data vulnerability in Google Android In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. | 7.8 |
| 2024-11-12 | CVE-2024-44102 | Deserialization of Untrusted Data vulnerability in Siemens Telecontrol Server Basic 3.1 A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions < V3.1.2.1 with redundancy configured). | 10.0 |
| 2024-11-04 | CVE-2024-10749 | Deserialization of Untrusted Data vulnerability in Thinkadmin A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. | 8.1 |
| 2024-10-31 | CVE-2024-43383 | Deserialization of Untrusted Data vulnerability in Apache Lucene.Net 4.8.0 Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005 through 4.8.0-beta00016. An attacker that can intercept traffic between a replication client and server, or control the target replication node URL, can provide a specially-crafted JSON response that is deserialized as an attacker-provided exception type. | 8.1 |
| 2024-10-28 | CVE-2024-50408 | Deserialization of Untrusted Data vulnerability in Kibokolabs Namaste! LMS Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object Injection.This issue affects Namaste! LMS: from n/a through 2.6.3. | 8.8 |
| 2024-10-28 | CVE-2024-50416 | Deserialization of Untrusted Data vulnerability in Wpclever WPC Shop AS a Customer for Woocommerce Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through 1.2.6. | 8.8 |
| 2024-10-20 | CVE-2024-49332 | Deserialization of Untrusted Data vulnerability in Giveawayboost Giveaway Boost Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4. | 9.8 |
| 2024-10-20 | CVE-2024-49624 | Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1. | 9.8 |
| 2024-10-20 | CVE-2024-49625 | Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49626 | Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2. | 9.8 |