Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2024-08-07 CVE-2024-36131 Deserialization of Untrusted Data vulnerability in Ivanti Endpoint Manager Mobile
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.
network
low complexity
ivanti CWE-502
8.8
8.8
2024-07-24 CVE-2024-6327 Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
network
low complexity
progress CWE-502
critical
 9.8
9.8
2024-07-24 CVE-2024-7067 Deserialization of Untrusted Data vulnerability in Shuttur Ecommerce-Laravel-Bootstrap
A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87.
network
low complexity
shuttur CWE-502
8.8
8.8
2024-07-22 CVE-2024-6793 Deserialization of Untrusted Data vulnerability in NI Veristand
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution.
network
low complexity
ni CWE-502
critical
 9.8
9.8
2024-07-22 CVE-2024-6794 Deserialization of Untrusted Data vulnerability in NI Veristand
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution.
network
low complexity
ni CWE-502
critical
 9.8
9.8
2024-07-22 CVE-2024-38759 Deserialization of Untrusted Data vulnerability in Wp-Media Search & Replace
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2.
network
low complexity
wp-media CWE-502
critical
 9.8
9.8
2024-07-21 CVE-2024-6944 Deserialization of Untrusted Data vulnerability in Zhongbangkeji Crmeb
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical.
network
low complexity
zhongbangkeji CWE-502
7.5
7.5
2024-07-21 CVE-2024-6943 Deserialization of Untrusted Data vulnerability in Zhongbangkeji Crmeb
A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical.
network
low complexity
zhongbangkeji CWE-502
8.8
8.8
2024-07-17 CVE-2024-28074 Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager.
network
low complexity
solarwinds CWE-502
critical
 9.8
9.8
2024-07-15 CVE-2023-46801 Deserialization of Untrusted Data vulnerability in Apache Linkis 1.4.0/1.5.0
In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241.
network
low complexity
apache CWE-502
8.8
8.8