Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2020-27583 | Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5 IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. | 9.8 |
| 2021-01-25 | CVE-2020-17532 | Deserialization of Untrusted Data vulnerability in Apache Java Chassis When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. | 8.8 |
| 2021-01-22 | CVE-2020-12525 | Deserialization of Untrusted Data vulnerability in multiple products M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage. | 7.8 |
| 2021-01-19 | CVE-2021-20190 | Deserialization of Untrusted Data vulnerability in multiple products A flaw was found in jackson-databind before 2.9.10.7. | 8.1 |
| 2021-01-18 | CVE-2021-25294 | Deserialization of Untrusted Data vulnerability in Opencats OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. | 9.8 |
| 2021-01-15 | CVE-2021-21249 | Deserialization of Untrusted Data vulnerability in Onedev Project Onedev OneDev is an all-in-one devops platform. | 8.8 |
| 2021-01-15 | CVE-2021-21247 | Deserialization of Untrusted Data vulnerability in Onedev Project Onedev OneDev is an all-in-one devops platform. | 8.8 |
| 2021-01-15 | CVE-2021-21242 | Deserialization of Untrusted Data vulnerability in Onedev Project Onedev OneDev is an all-in-one devops platform. | 9.8 |
| 2021-01-15 | CVE-2021-21243 | Deserialization of Untrusted Data vulnerability in Onedev Project Onedev OneDev is an all-in-one devops platform. | 9.8 |
| 2021-01-15 | CVE-2020-24639 | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave Glass There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. | 9.8 |