Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deserialization vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-36483
DevExpress.XtraReports.UI through v21.1 allows malicious users to execute arbitrary code via insecure deserialization.
Devexpress Devexpress
8.1
CVSSv3
CVE-2021-34520
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2016
9.8
CVSSv3
CVE-2021-40865
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. ...
Apache Storm
1 Github repository
8.1
CVSSv3
CVE-2021-41344
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
NA
CVE-2024-23114
Deserialization of Untrusted Data vulnerability in Apache Camel CassandraQL Component AggregationRepository which is vulnerable to unsafe deserialization. Under specific conditions it is possible to deserialize malicious payload.This issue affects Apache Camel: from 3.0.0 prior t...
9.8
CVSSv3
CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of...
Cisco Secure Access Control System 5.2\\(0.3\\)
1 Article
8.8
CVSSv3
CVE-2021-27076
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Business Productivity Servers 2010
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2016
9.8
CVSSv3
CVE-2021-44681
An issue (5 of 6) exists in Veritas Enterprise Vault up to and including 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited...
Veritas Enterprise Vault
5.9
CVSSv3
CVE-2021-2211
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network a...
10
CVSSv3
CVE-2021-2244
Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provider Services product of Oracle Essbase (component: JAPI). Supported versions that are affected are Hyperion Analytic Provider Services 11.1.2.4 and 12.2...
Oracle Essbase Analytic Provider Services 21.2
Oracle Hyperion Analytic Provider Services 11.1.2.4
Oracle Hyperion Analytic Provider Services 12.2.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »