Vulnerabilities > Deserialization of Untrusted Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-06 | CVE-2019-12760 | Deserialization of Untrusted Data vulnerability in Parso Project Parso A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. | 7.5 |
| 2019-06-06 | CVE-2019-11080 | Deserialization of Untrusted Data vulnerability in Sitecore Experience Platform Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. | 9.0 |
| 2019-06-05 | CVE-2019-11956 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.0 |
| 2019-06-05 | CVE-2019-11950 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.0 |
| 2019-06-05 | CVE-2019-5350 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.0 |
| 2019-06-05 | CVE-2019-11945 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 10.0 |
| 2019-06-05 | CVE-2019-11944 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 10.0 |
| 2019-05-31 | CVE-2019-10069 | Deserialization of Untrusted Data vulnerability in Godotengine Godot In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly. | 7.5 |
| 2019-05-31 | CVE-2019-9875 | Deserialization of Untrusted Data vulnerability in Sitecore CMS Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter. | 6.5 |
| 2019-05-31 | CVE-2019-9874 | Deserialization of Untrusted Data vulnerability in Sitecore CMS and Experience Platform Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN. | 7.5 |