Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-44681
An issue (5 of 6) exists in Veritas Enterprise Vault up to and including 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited...
Veritas Enterprise Vault
9.8
CVSSv3
CVE-2021-44682
An issue (6 of 6) exists in Veritas Enterprise Vault up to and including 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited...
Veritas Enterprise Vault
NA
CVE-2023-51576
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulne...
8.8
CVSSv3
CVE-2021-35217
Insecure Deseralization of untrusted data remote code execution vulnerability exists in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
Solarwinds Patch Manager
7.8
CVSSv3
CVE-2023-27978
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Da...
Schneider-electric Custom Reports
Schneider-electric Igss Dashboard
Schneider-electric Igss Data Server
9.8
CVSSv3
CVE-2023-28323
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or...
Ivanti Endpoint Manager 2022
Ivanti Endpoint Manager
9.8
CVSSv3
CVE-2021-44677
An issue (1 of 6) exists in Veritas Enterprise Vault up to and including 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited...
Veritas Enterprise Vault
8.8
CVSSv3
CVE-2021-42130
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche prior to 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
Ivanti Avalanche
NA
CVE-2023-50218
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to e...
NA
CVE-2023-50219
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to explo...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »