Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2021-27240
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specifi...
Solarwinds Patch Manager 2020.2.1
891
VMScore
CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of...
Cisco Secure Access Control System 5.2\\(0.3\\)
1 Article
NA
CVE-2023-28323
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or...
Ivanti Endpoint Manager 2022
Ivanti Endpoint Manager
NA
CVE-2023-50218
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to e...
NA
CVE-2023-50219
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to explo...
NA
CVE-2023-50220
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to ...
NA
CVE-2023-50223
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is requ...
NA
CVE-2022-38111
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2022.4.1
NA
CVE-2023-51576
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulne...
NA
CVE-2023-27978
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Da...
Schneider-electric Custom Reports
Schneider-electric Igss Dashboard
Schneider-electric Igss Data Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »