Vulnerabilities > Deserialization of Untrusted Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-08 | CVE-2018-7889 | Deserialization of Untrusted Data vulnerability in Calibre-Ebook Calibre 3.18.0 gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. | 7.8 |
2018-03-08 | CVE-2018-0147 | Deserialization of Untrusted Data vulnerability in Cisco Secure Access Control System 5.2(0.3) A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. | 9.8 |
2018-02-27 | CVE-2017-15693 | Deserialization of Untrusted Data vulnerability in Apache Geode In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. | 7.5 |
2018-02-27 | CVE-2017-15692 | Deserialization of Untrusted Data vulnerability in Apache Geode In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data. | 9.8 |
2018-02-26 | CVE-2018-7489 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. | 9.8 |
2018-02-15 | CVE-2017-8967 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3 A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | 8.8 |
2018-02-15 | CVE-2017-8966 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3 A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | 8.8 |
2018-02-15 | CVE-2017-8965 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3 A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | 8.8 |
2018-02-15 | CVE-2017-8964 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3 A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | 8.8 |
2018-02-15 | CVE-2017-8963 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3 A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | 8.8 |