Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-42127
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche prior to 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service.
Ivanti Avalanche
6.5
CVSSv2
CVE-2021-42130
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche prior to 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution.
Ivanti Avalanche
NA
CVE-2022-38111
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2022.4.1
6.5
CVSSv2
CVE-2021-27076
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Business Productivity Servers 2010
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2016
4.3
CVSSv2
CVE-2021-2211
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a...
6.5
CVSSv2
CVE-2021-35217
Insecure Deseralization of untrusted data remote code execution vulnerability exists in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
Solarwinds Patch Manager
NA
CVE-2023-50218
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the ModuleInvoke class. The issue results from the lack of pr...
NA
CVE-2023-50219
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the RunQuery class. The issue results from the lack of proper...
NA
CVE-2023-50220
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the Base64Element class. The issue results from the lack of p...
NA
CVE-2023-50223
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExtendedDocumentCodec class. The issue results from the l...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »