Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
764
VMScore
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
13 Github repositories
445
VMScore
CVE-2018-15812
DNN (aka DotNetNuke) 9.2 up to and including 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
Dnnsoftware Dotnetnuke
NA
CVE-2024-22506
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that can be used to create a user with a sufficient privilege ...
668
VMScore
CVE-2021-3287
Zoho ManageEngine OpManager prior to 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
755
VMScore
CVE-2016-4372
HPE iMC PLAT prior to 7.2 E0403P04, iMC EAD prior to 7.2 E0405P05, iMC APM prior to 7.2 E0401P04, iMC NTA prior to 7.2 E0401P01, iMC BIMS prior to 7.2 E0402P02, and iMC UAM_TAM prior to 7.2 E0405P05 allow remote malicious users to execute arbitrary commands via a crafted serializ...
Hp Intelligent Management Center User Access Management
Hp Intelligent Management Center Platform
Hp Intelligent Management Center Network Traffic Analyzer
Hp Intelligent Management Center Endpoint Admission Defense
Hp Intelligent Management Center Branch Intelligent Management System
Hp Intelligent Management Center Application Performance Manager
1 EDB exploit
668
VMScore
CVE-2020-28653
Zoho ManageEngine OpManager Stable build prior to 125203 (and Released build prior to 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
3 Github repositories
NA
CVE-2024-24725
Gibbon up to and including 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
1 Metasploit module
NA
CVE-2023-36050
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1000
VMScore
CVE-2021-35464
ForgeRock AM server prior to 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the serv...
Forgerock Am
Forgerock Openam
1 Metasploit module
1 Github repository
NA
CVE_2024_2054
A Command Injection vulnerability in Artica Proxy appliance version 4.50 and 4.40 allows remote attackers to run arbitrary commands via unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects ...
1 Metasploit module
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »