Total
969 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-33963 | 1 Dataease | 1 Dataease | 2023-06-08 | N/A | 9.8 CRITICAL |
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.7, a deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading. | |||||
CVE-2017-17485 | 4 Debian, Fasterxml, Netapp and 1 more | 9 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 6 more | 2023-06-08 | 7.5 HIGH | 9.8 CRITICAL |
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. | |||||
CVE-2019-16942 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 29 Debian Linux, Jackson-databind, Fedora and 26 more | 2023-06-08 | 7.5 HIGH | 9.8 CRITICAL |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | |||||
CVE-2018-11307 | 3 Fasterxml, Oracle, Redhat | 8 Jackson-databind, Clusterware, Communications Instant Messaging Server and 5 more | 2023-06-08 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. | |||||
CVE-2020-8840 | 5 Debian, Fasterxml, Huawei and 2 more | 9 Debian Linux, Jackson-databind, Oceanstor 9000 and 6 more | 2023-06-08 | 7.5 HIGH | 9.8 CRITICAL |
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. | |||||
CVE-2023-1133 | 1 Deltaww | 1 Infrasuite Device Master | 2023-06-08 | N/A | 9.8 CRITICAL |
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remotely execute arbitrary code. | |||||
CVE-2021-21741 | 1 Zte | 2 Zxv10 M910, Zxv10 M910 Firmware | 2023-06-05 | 7.5 HIGH | 9.8 CRITICAL |
There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command. | |||||
CVE-2023-2288 | 1 Themeisle | 1 Otter | 2023-06-05 | N/A | 8.8 HIGH |
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP < 8.0 using the phar:// stream wrapper. | |||||
CVE-2023-20878 | 1 Vmware | 2 Cloud Foundation, Vrealize Operations | 2023-06-02 | N/A | 7.2 HIGH |
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. | |||||
CVE-2022-4815 | 1 Hitachi | 2 Vantara Pentaho, Vantara Pentaho Business Analytics Server | 2023-06-01 | N/A | 8.8 HIGH |
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data without constraining the parser to approved classes and methods. | |||||
CVE-2023-2500 | 1 Granthweb | 1 Go Pricing | 2023-05-31 | N/A | 8.8 HIGH |
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'go_pricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2023-27068 | 1 Sitecore | 1 Experience Platform | 2023-05-30 | N/A | 9.8 CRITICAL |
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote attackers to run arbitrary code via ValidationResult.aspx. | |||||
CVE-2023-31058 | 1 Apache | 1 Inlong | 2023-05-27 | N/A | 7.5 HIGH |
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it. | |||||
CVE-2023-32336 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-05-26 | N/A | 9.8 CRITICAL |
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285. | |||||
CVE-2023-31890 | 1 Glazedlists | 1 Glazed Lists | 2023-05-25 | N/A | 9.8 CRITICAL |
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter. | |||||
CVE-2023-1549 | 1 Ad Inserter Project | 1 Ad Inserter | 2023-05-23 | N/A | 7.2 HIGH |
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | |||||
CVE-2023-30898 | 1 Siemens | 1 Siveillance Video | 2023-05-17 | N/A | 8.8 HIGH |
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system. | |||||
CVE-2023-30899 | 1 Siemens | 1 Siveillance Video | 2023-05-17 | N/A | 8.8 HIGH |
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Management Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system. | |||||
CVE-2020-15777 | 1 Gradle | 1 Maven | 2023-05-16 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation. | |||||
CVE-2023-1347 | 1 Fastlinemedia | 1 Customizer Export\/import | 2023-05-12 | N/A | 7.2 HIGH |
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present |