Total
934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8884 | 1 Proofpoint | 1 Insider Threat Management | 2021-01-13 | 9.0 HIGH | 8.8 HIGH |
| rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes. | |||||
| CVE-2020-35932 | 1 Tribulant | 1 Newsletter | 2021-01-11 | 6.0 MEDIUM | 8.8 HIGH |
| Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges (such as subscribers) to use the tpnc_render AJAX action to inject arbitrary PHP objects via the options[inline_edits] parameter. NOTE: exploitability depends on PHP objects that might be present with certain other plugins or themes. | |||||
| CVE-2020-35939 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2021-01-11 | 6.0 MEDIUM | 8.8 HIGH |
| PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to team_import_xml_layouts. | |||||
| CVE-2020-10655 | 1 Proofpoint | 1 Insider Threat Management Server | 2021-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | |||||
| CVE-2020-10656 | 1 Proofpoint | 1 Insider Threat Management Server | 2021-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | |||||
| CVE-2020-10657 | 1 Proofpoint | 1 Insider Threat Management Server | 2021-01-08 | 6.5 MEDIUM | 7.2 HIGH |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | |||||
| CVE-2020-10658 | 1 Proofpoint | 1 Insider Threat Management Server | 2021-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | |||||
| CVE-2019-4728 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2021-01-07 | 9.0 HIGH | 8.8 HIGH |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452. | |||||
| CVE-2019-7725 | 1 Nukeviet | 1 Nukeviet | 2021-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| includes/core/is_user.php in NukeViet before 4.3.04 deserializes the untrusted nvloginhash cookie (i.e., the code relies on PHP's serialization format when JSON can be used to eliminate the risk). | |||||
| CVE-2020-22083 | 1 Jsonpickle Project | 1 Jsonpickle | 2020-12-23 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data. | |||||
| CVE-2020-20136 | 1 Quantconnect | 1 Lean | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library. | |||||
| CVE-2020-9301 | 1 Linuxfoundation | 1 Spinnaker | 2020-12-14 | 6.5 MEDIUM | 8.8 HIGH |
| Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an attacker to read and write arbitrary files within the orca container via authenticated HTTP POST requests. | |||||
| CVE-2019-7214 | 1 Smartertools | 1 Smartermail | 2020-12-09 | 10.0 HIGH | 9.8 CRITICAL |
| SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch. | |||||
| CVE-2019-0192 | 2 Apache, Netapp | 2 Solr, Storage Automation Store | 2020-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. | |||||
| CVE-2020-27131 | 1 Cisco | 1 Security Manager | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit these vulnerabilities by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the device with the privileges of NT AUTHORITY\SYSTEM on the Windows target host. Cisco has not released software updates that address these vulnerabilities. | |||||
| CVE-2020-5664 | 1 Riken | 1 Xoonips | 2020-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2020-26207 | 1 Databaseschemareader Project | 1 Dbschemareader | 2020-11-19 | 6.8 MEDIUM | 8.0 HIGH |
| DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted `.dbschema` file. The patch was released in v2.7.4.3. As a workaround, ensure `.dbschema` files from untrusted sources are not opened. | |||||
| CVE-2020-15777 | 1 Gradle | 1 Maven | 2020-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation. | |||||
| CVE-2020-10721 | 1 Redhat | 1 Fabric8-maven | 2020-10-27 | 6.9 MEDIUM | 7.8 HIGH |
| A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-26945 | 1 Mybatis | 1 Mybatis | 2020-10-26 | 5.1 MEDIUM | 8.1 HIGH |
| MyBatis before 3.5.6 mishandles deserialization of object streams. | |||||