Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2018-02-15 CVE-2017-8962 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
network
low complexity
hp CWE-502
8.8
2018-02-15 CVE-2017-5792 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.3
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-5790 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.2
A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12558 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12557 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12556 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2016-8519 Deserialization of Untrusted Data vulnerability in HP Operations Orchestration
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2016-8511 Deserialization of Untrusted Data vulnerability in HP Network Automation
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-15089 Deserialization of Untrusted Data vulnerability in Infinispan
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache.
network
low complexity
infinispan CWE-502
8.8
2018-02-09 CVE-2018-1000059 Deserialization of Untrusted Data vulnerability in Validformbuilder Validform Builder 4.5.4
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.
network
low complexity
validformbuilder CWE-502
critical
9.8