Total
934 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19274 | 2 Debian, Phpbb | 2 Debian Linux, Phpbb | 2022-12-02 | 6.5 MEDIUM | 7.2 HIGH |
Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions. | |||||
CVE-2022-42003 | 4 Debian, Fasterxml, Netapp and 1 more | 4 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 1 more | 2022-12-02 | N/A | 7.5 HIGH |
In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 | |||||
CVE-2022-42004 | 4 Debian, Fasterxml, Netapp and 1 more | 4 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 1 more | 2022-12-02 | N/A | 7.5 HIGH |
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. | |||||
CVE-2022-36964 | 1 Solarwinds | 1 Orion Platform | 2022-12-01 | N/A | 8.8 HIGH |
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands. | |||||
CVE-2022-41958 | 1 Super Xray Project | 1 Super Xray | 2022-11-30 | N/A | 7.8 HIGH |
super-xray is a web vulnerability scanning tool. Versions prior to 0.7 assumed trusted input for the program config which is stored in a yaml file. An attacker with local access to the file could exploit this and compromise the program. This issue has been addressed in commit `4d0d5966` and will be included in future releases. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
CVE-2022-41875 | 1 Airbnb | 1 Optica | 2022-11-30 | N/A | 9.8 CRITICAL |
A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Specially crafted JSON payloads may lead to RCE (remote code execution) on the attacked system running Optica. The vulnerability was patched in v. 0.10.2, where the call to the function `oj.load` was changed to `oj.safe_load`. | |||||
CVE-2022-3861 | 1 Muffingroup | 1 Betheme | 2022-11-30 | N/A | 8.8 HIGH |
The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. This makes it possible for authenticated attackers, with contributor level permissions and above to inject a PHP Object. The additional presence of a POP chain would make it possible for attackers to execute code, retrieve sensitive data, delete files, etc.. | |||||
CVE-2022-3490 | 1 Themehigh | 1 Checkout Field Editor For Woocommerce | 2022-11-30 | N/A | 7.2 HIGH |
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | |||||
CVE-2022-41922 | 1 Yiiframework | 1 Yii | 2022-11-30 | N/A | 9.8 CRITICAL |
`yiisoft/yii` before version 1.1.27 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. This has been patched in 1.1.27. | |||||
CVE-2022-25647 | 4 Debian, Google, Netapp and 1 more | 6 Debian Linux, Gson, Active Iq Unified Manager and 3 more | 2022-11-28 | 5.0 MEDIUM | 7.5 HIGH |
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | |||||
CVE-2022-3525 | 1 Librenms | 1 Librenms | 2022-11-21 | N/A | 8.8 HIGH |
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. | |||||
CVE-2022-45077 | 1 Muffingroup | 1 Betheme | 2022-11-18 | N/A | 8.8 HIGH |
Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress. | |||||
CVE-2022-45047 | 1 Apache | 1 Sshd | 2022-11-18 | N/A | 9.8 CRITICAL |
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. | |||||
CVE-2022-45136 | 1 Apache | 1 Jena Sdb | 2022-11-17 | N/A | 9.8 CRITICAL |
** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a result an application using Apache Jena SDB can be subject to RCE when connected to a malicious database server. Apache Jena SDB has been EOL since December 2020 and users should migrate to alternative options e.g. Apache Jena TDB 2. | |||||
CVE-2022-38650 | 1 Vmware | 1 Hyperic Server | 2022-11-16 | N/A | 10.0 CRITICAL |
** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server process. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2022-38652 | 1 Vmware | 1 Hyperic Agent | 2022-11-16 | N/A | 9.9 CRITICAL |
** UNSUPPORTED WHEN ASSIGNED ** A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. Exploitation of this vulnerability enables a malicious authenticated user to run arbitrary code or malware within a Hyperic Agent instance and its host operating system with the privileges of the Hyperic Agent process (often SYSTEM on Windows platforms). NOTE: prior exploitation of CVE-2022-38650 results in the disclosure of the authentication material required to exploit this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2022-44559 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 9.8 CRITICAL |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
CVE-2022-44558 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 9.8 CRITICAL |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
CVE-2022-3536 | 1 Addify | 1 Role Based Pricing For Woocommerce | 2022-11-09 | N/A | 8.8 HIGH |
The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog | |||||
CVE-2022-31199 | 1 Netwrix | 1 Auditor | 2022-11-09 | N/A | 9.8 CRITICAL |
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors. |