Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-01 | CVE-2019-16943 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. | 9.8 |
| 2019-10-01 | CVE-2019-16942 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. | 9.8 |
| 2019-10-01 | CVE-2019-10202 | Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform 7.2.0 A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. | 9.8 |
| 2019-09-27 | CVE-2019-9373 | Deserialization of Untrusted Data vulnerability in Google Android 10.0 In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. | 2.1 |
| 2019-09-27 | CVE-2019-9365 | Deserialization of Untrusted Data vulnerability in Google Android 10.0 In Bluetooth, there is a possible deserialization error due to missing string validation. | 7.5 |
| 2019-09-26 | CVE-2019-16894 | Deserialization of Untrusted Data vulnerability in Inoideas Inoerp 4.15 download.php in inoERP 4.15 allows SQL injection through insecure deserialization. | 7.5 |
| 2019-09-26 | CVE-2019-16755 | Deserialization of Untrusted Data vulnerability in BMC Myit Digital Workplace BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. | 7.5 |
| 2019-09-17 | CVE-2019-11666 | Deserialization of Untrusted Data vulnerability in Microfocus Service Manager Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 8.8 |
| 2019-09-16 | CVE-2019-0195 | Deserialization of Untrusted Data vulnerability in Apache Tapestry 5.4.0 Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. | 9.8 |
| 2019-09-15 | CVE-2019-16335 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. | 9.8 |