Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2023-36744
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
8
CVSSv3
CVE-2023-36745
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Github repository
8
CVSSv3
CVE-2023-36756
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
8
CVSSv3
CVE-2023-36757
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
7.8
CVSSv3
CVE-2021-27240
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specifi...
Solarwinds Patch Manager 2020.2.1
9.8
CVSSv3
CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of...
Cisco Secure Access Control System 5.2\\(0.3\\)
1 Article
7.2
CVSSv3
CVE-2022-38111
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2022.4.1
8.8
CVSSv3
CVE-2021-34992
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is required to exploit this vulnerability. The specific flaw exists within Composite.dll. The issue results from the lack of proper valida...
Orckestra C1 Cms 6.10
9.8
CVSSv3
CVE-2021-44678
An issue (2 of 6) exists in Veritas Enterprise Vault up to and including 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited...
Veritas Enterprise Vault
7.8
CVSSv3
CVE-2023-27978
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Da...
Schneider-electric Custom Reports
Schneider-electric Igss Dashboard
Schneider-electric Igss Data Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »