Total
1201 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11982 | 1 Apache | 1 Airflow | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attack can connect to the broker (Redis, RabbitMQ) directly, it was possible to insert a malicious payload directly to the broker which could lead to a deserialization attack (and thus remote code execution) on the Worker. | |||||
CVE-2020-8165 | 3 Debian, Opensuse, Rubyonrails | 3 Debian Linux, Leap, Rails | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | |||||
CVE-2020-15148 | 1 Yiiframework | 1 Yii | 2023-12-10 | 7.5 HIGH | 10.0 CRITICAL |
Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory. | |||||
CVE-2020-1948 | 1 Apache | 1 Dubbo | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below. | |||||
CVE-2020-4271 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2023-12-10 | 6.5 MEDIUM | 6.3 MEDIUM |
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897. | |||||
CVE-2020-11113 | 4 Debian, Fasterxml, Netapp and 1 more | 32 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 29 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). | |||||
CVE-2020-8164 | 3 Debian, Opensuse, Rubyonrails | 4 Debian Linux, Backports Sle, Leap and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | |||||
CVE-2020-10969 | 4 Debian, Fasterxml, Netapp and 1 more | 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. | |||||
CVE-2020-2180 | 1 Jenkins | 1 Amazon Web Services Serverless Application Model | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
CVE-2020-12760 | 1 Opennms | 2 Opennms Horizon, Opennms Meridian | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions. | |||||
CVE-2020-7532 | 1 Schneider-electric | 1 Scadapack X70 Security Administrator | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer. | |||||
CVE-2020-15777 | 1 Gradle | 1 Maven | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation. | |||||
CVE-2020-10740 | 1 Redhat | 1 Wildfly | 2023-12-10 | 6.0 MEDIUM | 7.5 HIGH |
A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans(EJB) due to lack of validation/filtering capabilities in wildfly. | |||||
CVE-2020-24034 | 1 Sagemcom | 2 F\@st 5280 Router, F\@st 5280 Router Firmware | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise. | |||||
CVE-2020-0082 | 1 Google | 1 Android | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140417434 | |||||
CVE-2020-2179 | 1 Jenkins | 1 Yaml Axis | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
CVE-2018-21234 | 2 Apache, Jodd | 2 Hive, Jodd | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set. | |||||
CVE-2020-12007 | 2 Iconics, Mitsubishielectric | 11 Bizviz, Energy Analytix, Facility Analytix and 8 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; ICONICS GenBroker32 version 9.5 and prior. | |||||
CVE-2020-14195 | 4 Debian, Fasterxml, Netapp and 1 more | 14 Debian Linux, Jackson-databind, Active Iq Unified Manager and 11 more | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). | |||||
CVE-2020-14942 | 1 Tendenci | 1 Tendenci | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py. |