Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-502
Total 934 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8964 1 Hp 1 Intelligent Management Center 2018-02-24 9.0 HIGH 8.8 HIGH
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2017-8965 1 Hp 1 Intelligent Management Center 2018-02-24 9.0 HIGH 8.8 HIGH
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2017-8966 1 Hp 1 Intelligent Management Center 2018-02-24 9.0 HIGH 8.8 HIGH
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2017-5792 1 Hp 1 Intelligent Management Center 2018-02-24 7.5 HIGH 9.8 CRITICAL
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2016-4385 1 Hp 1 Network Automation 2018-02-16 7.5 HIGH 7.3 HIGH
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before, and 10.1x before allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
CVE-2017-1000355 1 Jenkins 1 Jenkins 2018-02-15 4.0 MEDIUM 6.5 MEDIUM
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
CVE-2017-15703 1 Apache 1 Nifi 2018-02-12 3.5 LOW 5.0 MEDIUM
Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release.
CVE-2016-7124 1 Php 1 Php 2018-01-04 7.5 HIGH 9.8 CRITICAL
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
CVE-2017-17672 1 Vbulletin 1 Vbulletin 2018-01-02 7.5 HIGH 9.8 CRITICAL
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.
CVE-2017-8045 1 Pivotal Software 1 Spring Advanced Message Queuing Protocol 2017-12-12 7.5 HIGH 9.8 CRITICAL
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.
CVE-2017-1000248 1 Redis-store 1 Redis-store 2017-12-04 7.5 HIGH 9.8 CRITICAL
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
CVE-2017-12796 1 Openmrs 1 Openmrs 2017-11-21 10.0 HIGH 9.8 CRITICAL
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request.
CVE-2017-12628 1 Apache 1 James Server 2017-11-08 7.2 HIGH 7.8 HIGH
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library.
CVE-2015-5164 2 Pulpproject, Redhat 2 Qpid, Satellite 2017-11-08 9.0 HIGH 7.2 HIGH
The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.
CVE-2017-10932 1 Zte 12 Nr8000tr, Nr8000tr Firmware, Nr8120 and 9 more 2017-10-11 10.0 HIGH 9.8 CRITICAL
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host.
CVE-2016-8744 1 Apache 1 Brooklyn 2017-09-29 9.0 HIGH 8.8 HIGH
Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type available on the classpath. This could provide an authenticated user with a means to cause the JVM running Brooklyn to load and run Java code without detection by Brooklyn. Such code would have the privileges of the Java process running Brooklyn, including the ability to open files and network connections, and execute system commands. There is known to be a proof-of-concept exploit using this vulnerability.
CVE-2017-12612 1 Apache 1 Spark 2017-09-26 7.2 HIGH 7.8 HIGH
In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the local machine. It does not affect apps run by spark-submit or spark-shell. The attacker would be able to execute code as the user that ran the Spark application. Users are encouraged to update to version 2.2.0 or later.
CVE-2017-2292 1 Puppet 1 Mcollective 2017-09-05 7.5 HIGH 9.0 CRITICAL
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior.
CVE-2017-14035 1 Crushftp 1 Crushftp 2017-09-01 7.5 HIGH 9.8 CRITICAL
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
CVE-2017-4914 1 Vmware 1 Vsphere Data Protection 2017-08-12 7.5 HIGH 9.8 CRITICAL
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.