Total: 934 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | 
|---|---|---|---|---|---|
| CVE-2019-16755 | 1 Bmc | 1 Myit Digital Workplace | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL | 
| BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authentication remote command execution on the operating system running the targeted application. Affected DWP versions: 3.x to 18.x; all versions, service packs, and patches are affected by this vulnerability. Affected SmartIT versions: 1.x, 2.0, 18.05, 18.08, and 19.02; all versions, service packs, and patches are affected by this vulnerability. | |||||
| CVE-2019-6446 | 2 Fedoraproject, Numpy | 2 Fedora, Numpy | 2019-09-30 | 7.5 HIGH | 9.8 CRITICAL | 
| ** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources. | |||||
| CVE-2019-11666 | 1 Microfocus | 1 Service Manager | 2019-09-18 | 6.8 MEDIUM | 8.8 HIGH | 
| Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data. | |||||
| CVE-2019-16317 | 1 Pimcore | 1 Pimcore | 2019-09-17 | 6.5 MEDIUM | 8.8 HIGH | 
| In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318. | |||||
| CVE-2017-18604 | 1 Sitebuilder Dynamic Components Project | 1 Sitebuilder Dynamic Components | 2019-09-11 | 5.0 MEDIUM | 7.5 HIGH | 
| The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request. | |||||
| CVE-2017-18605 | 1 Gravitatedesign | 1 Gravitate Qa Tracker | 2019-09-10 | 7.5 HIGH | 9.8 CRITICAL | 
| The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection. | |||||
| CVE-2018-11569 | 1 Eventum Project | 1 Eventum | 2019-09-06 | 7.5 HIGH | 9.8 CRITICAL | 
| Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2. | |||||
| CVE-2019-15521 | 2 Fork-cms, Spoon-library | 2 Fork Cms, Spoon Library | 2019-08-28 | 7.5 HIGH | 9.8 CRITICAL | 
| Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object. | |||||
| CVE-2018-20987 | 1 Tribulant | 1 Newsletters | 2019-08-23 | 7.5 HIGH | 9.8 CRITICAL | 
| The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection. | |||||
| CVE-2019-12240 | 1 Virim Project | 1 Virim | 2019-08-22 | 7.5 HIGH | 9.8 CRITICAL | 
| The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php. | |||||
| CVE-2017-9805 | 1 Apache | 1 Struts | 2019-08-12 | 6.8 MEDIUM | 8.1 HIGH | 
| The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. | |||||
| CVE-2016-10750 | 1 Hazelcast | 1 Hazelcast | 2019-08-08 | 6.8 MEDIUM | 8.1 HIGH | 
| In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrary code. | |||||
| CVE-2018-15133 | 1 Laravel | 1 Laravel | 2019-07-15 | 6.8 MEDIUM | 8.1 HIGH | 
| In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. | |||||
| CVE-2019-10912 | 1 Sensiolabs | 1 Symfony | 2019-07-12 | 6.5 MEDIUM | 7.1 HIGH | 
| In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge. | |||||
| CVE-2019-12760 | 1 Parso Project | 1 Parso | 2019-07-05 | 6.0 MEDIUM | 7.5 HIGH | 
| ** DISPUTED ** A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration." | |||||
| CVE-2019-11011 | 1 Akamai | 1 Cloudtest | 2019-06-23 | 7.5 HIGH | 9.8 CRITICAL | 
| Akamai CloudTest before 58.30 allows remote code execution. | |||||
| CVE-2016-3957 | 1 Web2py | 1 Web2py | 2019-06-21 | 7.5 HIGH | 9.8 CRITICAL | 
| The secure_load function in gluon/utils.py in web2py before 2.14.2 uses pickle.loads to deserialize session information stored in cookies, which might allow remote attackers to execute arbitrary code by leveraging knowledge of encryption_key. | |||||
| CVE-2018-15890 | 1 Ethereum | 1 Ethereumj | 2019-06-20 | 10.0 HIGH | 9.8 CRITICAL | 
| An issue was discovered in EthereumJ 1.8.2. There is Unsafe Deserialization in ois.readObject in mine/Ethash.java and decoder.readObject in crypto/ECKey.java. When a node syncs and mines a new block, arbitrary OS commands can be run on the server. | |||||
| CVE-2019-12868 | 1 Misp | 1 Misp | 2019-06-18 | 6.5 MEDIUM | 7.2 HIGH | 
| app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar:// URLs trigger deserialization. | |||||
| CVE-2019-11080 | 1 Sitecore | 1 Experience Platform | 2019-06-13 | 9.0 HIGH | 8.8 HIGH | 
| Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object. | |||||
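The Python entries in this table (CVE-2019-6446 in numpy.load, CVE-2016-3957 in web2py's secure_load, CVE-2019-12760 in parso's grammar cache) share one root cause: pickle is not a data format but a small stack machine whose GLOBAL/STACK_GLOBAL and REDUCE opcodes import and call arbitrary callables, so `pickle.loads` on attacker-controlled bytes is code execution. The block below is an added example, not code from NumPy, web2py or parso: it builds a constructed malicious pickle, shows that plain `pickle.loads` runs it, then shows the two mitigations a reviewer would ask for, an opcode scan plus an allowlisting `Unpickler.find_class`, and an HMAC check in front of `pickle.loads` in the shape of web2py's secure_dumps/secure_loads (a sketch, not web2py's implementation). The `Payload` class, the allowlist, the key values and the function names are all illustrative assumptions.

```python
import hashlib
import hmac
import io
import pickle
import pickletools


class Payload:
    """Constructed attacker object (example only). pickle serialises it by
    calling __reduce__; on load the unpickler CALLS the returned callable with
    the returned args, so whoever unpickles this runs eval() on an attacker
    string. A real payload would use os.system or subprocess instead of eval."""

    def __reduce__(self):
        return (eval, ("__import__('os').getpid()",))


def build_malicious_pickle() -> bytes:
    # Protocol 4 keeps module names as "builtins" (no py2 name mapping on load).
    return pickle.dumps(Payload(), protocol=4)


def unsafe_loads(data: bytes):
    """The vulnerable pattern: pickle.loads on bytes the peer controls."""
    return pickle.loads(data)


def pickle_references_globals(data: bytes) -> bool:
    """Triage check: does the stream import or call any global? Pure-data
    pickles (dicts, lists, str, numbers) never need these opcodes."""
    risky = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
             "REDUCE", "BUILD"}
    return any(op.name in risky for op, _arg, _pos in pickletools.genops(data))


class RestrictedUnpickler(pickle.Unpickler):
    """Mitigation 1: resolve globals only from an explicit allowlist, so the
    stream cannot reach eval, os.system, subprocess.Popen and friends."""

    ALLOWED = {("collections", "OrderedDict")}  # illustrative allowlist

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def secure_dumps(obj, key: bytes) -> bytes:
    """Mitigation 2: MAC the pickle so only the key holder can produce one
    (the shape of web2py's secure_dumps/secure_load, sketched here, not
    copied). It helps only while the key stays secret."""
    body = pickle.dumps(obj, protocol=4)
    return hmac.new(key, body, hashlib.sha256).digest() + body


def secure_loads(blob: bytes, key: bytes):
    tag, body = blob[:32], blob[32:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad MAC, refusing to unpickle")
    return pickle.loads(body)  # still pickle.loads: a leaked key means RCE


def demo() -> dict:
    evil = build_malicious_pickle()
    benign = pickle.dumps({"rows": [1, 2, 3], "name": "x"}, protocol=4)
    out = {}
    out["unsafe_executes"] = isinstance(unsafe_loads(evil), int)  # eval ran
    out["scan_flags_evil"] = pickle_references_globals(evil)
    out["scan_passes_benign"] = not pickle_references_globals(benign)
    try:
        restricted_loads(evil)
        out["restricted_blocks"] = False
    except pickle.UnpicklingError:
        out["restricted_blocks"] = True
    out["restricted_allows_benign"] = (
        restricted_loads(benign) == {"rows": [1, 2, 3], "name": "x"})
    key, guess = b"server-secret-key", b"attacker-guess"  # constructed keys
    try:
        secure_loads(secure_dumps(Payload(), guess), key)
        out["mac_blocks_forgery"] = False
    except ValueError:
        out["mac_blocks_forgery"] = True
    # The CVE-2016-3957 caveat: with the real key the forged pickle is
    # accepted and the payload executes anyway.
    out["mac_fails_if_key_known"] = isinstance(
        secure_loads(secure_dumps(Payload(), key), key), int)
    return out


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Run it with `python3` and every check in `demo()` comes back `True`. The allowlisting unpickler is the only one of the two that removes the code-execution primitive; the MAC only decides who may trigger it, which is exactly the web2py caveat about "knowledge of encryption_key" and the reason the NumPy fix was to make `numpy.load` refuse object arrays unless the caller passes `allow_pickle=True`.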
