Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-02 | CVE-2018-12679 | Deserialization of Untrusted Data vulnerability in Coapthon3 Project Coapthon3 1.0/1.0.1 The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages. | 7.5 |
2019-03-28 | CVE-2017-18365 | Deserialization of Untrusted Data vulnerability in Github The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. | 9.8 |
2019-03-26 | CVE-2019-10068 | Deserialization of Untrusted Data vulnerability in Kentico An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. | 9.8 |
2019-03-26 | CVE-2019-9055 | Deserialization of Untrusted Data vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 8.8 |
2019-03-21 | CVE-2019-7539 | Deserialization of Untrusted Data vulnerability in Ipycache Project Ipycache 20160531 A code injection issue was discovered in ipycache through 2016-05-31. | 8.8 |
2019-03-21 | CVE-2018-20221 | Deserialization of Untrusted Data vulnerability in Deltek Ajera Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. | 8.8 |
2019-03-21 | CVE-2018-19276 | Deserialization of Untrusted Data vulnerability in Openmrs OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body. | 9.8 |
2019-03-21 | CVE-2018-12023 | Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. | 7.5 |
2019-03-21 | CVE-2018-12022 | Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. | 7.5 |
2019-03-07 | CVE-2019-0192 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. | 9.8 |