Total
1658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-29045 | 1 Fivestarplugins | 1 Five Star Restaurant Menu | 2021-03-17 | 7.5 HIGH | 9.8 CRITICAL |
| The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php. | |||||
| CVE-2020-11972 | 2 Apache, Oracle | 4 Camel, Communications Diameter Signaling Router, Enterprise Manager Base Platform and 1 more | 2021-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. | |||||
| CVE-2021-20076 | 1 Tenable | 1 Tenable.sc | 2021-03-10 | 6.5 MEDIUM | 8.8 HIGH |
| Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization. | |||||
| CVE-2020-29047 | 1 Thimpress | 1 Wp Hotel Booking | 2021-03-10 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php. | |||||
| CVE-2021-27335 | 1 Kollectapp | 1 Kollect | 2021-02-26 | 7.5 HIGH | 9.8 CRITICAL |
| KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter. | |||||
| CVE-2021-23338 | 1 Microsoft | 1 Qlib | 2021-02-25 | 6.5 MEDIUM | 7.2 HIGH |
| This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function. | |||||
| CVE-2021-22855 | 1 Hr Portal Project | 1 Hr Portal | 2021-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands. | |||||
| CVE-2021-26915 | 1 Netmotionsoftware | 1 Netmotion Mobility | 2021-02-24 | 9.3 HIGH | 8.1 HIGH |
| NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in webrepdb StatusServlet. | |||||
| CVE-2021-26913 | 1 Netmotionsoftware | 1 Netmotion Mobility | 2021-02-23 | 9.3 HIGH | 8.1 HIGH |
| NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in RpcServlet. | |||||
| CVE-2021-26912 | 1 Netmotionsoftware | 1 Netmotion Mobility | 2021-02-23 | 9.3 HIGH | 8.1 HIGH |
| NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in SupportRpcServlet. | |||||
| CVE-2021-27213 | 1 Pystemon Project | 1 Pystemon | 2021-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used. | |||||
| CVE-2021-25274 | 1 Solarwinds | 1 Orion Platform | 2021-02-08 | 10.0 HIGH | 9.8 CRITICAL |
| The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem. | |||||
| CVE-2021-3160 | 1 Aca | 1 Assuweb | 2021-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server. | |||||
| CVE-2020-4888 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2021-02-02 | 9.0 HIGH | 8.8 HIGH |
| IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 190912. | |||||
| CVE-2020-4682 | 1 Ibm | 3 Mq, Mq Appliance, Websphere Mq | 2021-02-02 | 10.0 HIGH | 9.8 CRITICAL |
| IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509. | |||||
| CVE-2020-17532 | 1 Apache | 1 Java Chassis | 2021-01-29 | 6.0 MEDIUM | 8.8 HIGH |
| When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5 | |||||
| CVE-2021-25294 | 1 Opencats | 1 Opencats | 2021-01-26 | 10.0 HIGH | 9.8 CRITICAL |
| OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an __destruct magic method in guzzlehttp. | |||||
| CVE-2020-24639 | 1 Arubanetworks | 1 Airwave Glass | 2021-01-21 | 10.0 HIGH | 9.8 CRITICAL |
| There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system. | |||||
| CVE-2018-5968 | 4 Debian, Fasterxml, Netapp and 1 more | 10 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 7 more | 2021-01-21 | 6.8 MEDIUM | 8.1 HIGH |
| FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist. | |||||
| CVE-2021-21247 | 1 Onedev Project | 1 Onedev | 2021-01-21 | 6.5 MEDIUM | 8.8 HIGH |
| OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login page. This listener decodes and deserializes the `data` query parameter. We can access this listener by submitting a POST request to any page. This issue may lead to `post-auth RCE` This endpoint is subject to authentication and, therefore, requires a valid user to carry on the attack. This issue was addressed in 4.0.3 by encrypting serialization payload with secrets only known to server. | |||||