Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-29108
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server -
9.8
CVSSv3
CVE-2021-40865
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. ...
Apache Storm
1 Github repository
8.8
CVSSv3
CVE-2021-24066
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
8.1
CVSSv3
CVE-2021-41344
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
8.8
CVSSv3
CVE-2021-36483
DevExpress.XtraReports.UI through v21.1 allows malicious users to execute arbitrary code via insecure deserialization.
Devexpress Devexpress
8.1
CVSSv3
CVE-2021-34520
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2016
9.8
CVSSv3
CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of...
Cisco Secure Access Control System 5.2\\(0.3\\)
1 Article
NA
CVE-2023-51576
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulne...
7.8
CVSSv3
CVE-2023-27978
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Da...
Schneider-electric Custom Reports
Schneider-electric Igss Dashboard
Schneider-electric Igss Data Server
NA
CVE-2023-50218
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to e...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »