Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2019-06-12 CVE-2019-7840 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2019-06-06 CVE-2019-12760 Deserialization of Untrusted Data vulnerability in Parso Project Parso
A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache.
network
high complexity
parso-project CWE-502
7.5
7.5
2019-06-06 CVE-2019-11080 Deserialization of Untrusted Data vulnerability in Sitecore Experience Platform
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863.
network
low complexity
sitecore CWE-502
8.8
8.8
2019-06-05 CVE-2019-11956 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-502
8.8
8.8
2019-06-05 CVE-2019-11950 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-502
8.8
8.8
2019-06-05 CVE-2019-5350 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-502
8.8
8.8
2019-06-05 CVE-2019-11945 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-502
critical
 9.8
9.8
2019-06-05 CVE-2019-11944 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-502
critical
 9.8
9.8
2019-05-31 CVE-2019-10069 Deserialization of Untrusted Data vulnerability in Godotengine Godot
In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly.
network
low complexity
godotengine CWE-502
critical
 9.8
9.8
2019-05-31 CVE-2019-9875 Deserialization of Untrusted Data vulnerability in Sitecore CMS
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter.
network
low complexity
sitecore CWE-502
8.8
8.8