Total
1209 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-16112 | 1 Tylertech | 1 Eagle | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI. | |||||
CVE-2020-12469 | 1 Intelliants | 1 Subrion | 2023-12-10 | 5.5 MEDIUM | 6.5 MEDIUM |
admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit. | |||||
CVE-2020-24616 | 4 Debian, Fasterxml, Netapp and 1 more | 25 Debian Linux, Jackson-databind, Active Iq Unified Manager and 22 more | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). | |||||
CVE-2020-12133 | 1 Farukawa | 1 Electric Consciousmap | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization. | |||||
CVE-2020-7528 | 1 Schneider-electric | 1 Scadapack 7x Remote Connect | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer. | |||||
CVE-2020-5411 | 1 Pivotal Software | 1 Spring Batch | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deserialization gadgets". Spring Batch configures Jackson with global default typing enabled which means that through the previous exploit, arbitrary code could be executed if all of the following is true: * Spring Batch's Jackson support is being leveraged to serialize a job's ExecutionContext. * A malicious user gains write access to the data store used by the JobRepository (where the data to be deserialized is stored). In order to protect against this type of attack, Jackson prevents a set of untrusted gadget classes from being deserialized. Spring Batch should be proactive against blocking unknown "deserialization gadgets" when enabling default typing. | |||||
CVE-2020-4043 | 1 Phpmussel Project | 1 Phpmussel | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution (discovered, tested, and confirmed by myself), so the risk factor should be regarded as very high. Newer phpMussel versions don't use PHP's phar wrapper, and are therefore unaffected. This has been fixed in version 1.6.0. | |||||
CVE-2020-10289 | 1 Openrobotics | 1 Robot Operating System | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in the ROS core package of actionlib, an attacker with local or remote access can make the ROS Master, execute arbitrary code in Python form. Consider yaml.safe_load() instead. Located first in actionlib/tools/library.py:132. See links for more info on the bug. | |||||
CVE-2020-7961 | 1 Liferay | 1 Liferay Portal | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). | |||||
CVE-2020-10644 | 1 Inductiveautomation | 1 Ignition Gateway | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. | |||||
CVE-2020-11619 | 4 Debian, Fasterxml, Netapp and 1 more | 21 Debian Linux, Jackson-databind, Active Iq Unified Manager and 18 more | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). | |||||
CVE-2020-15842 | 1 Liferay | 2 Dxp, Liferay Portal | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17, and 7.2 before fix pack 5, allows man-in-the-middle attackers to execute arbitrary code via crafted serialized payloads, because of insecure deserialization. | |||||
CVE-2020-25260 | 1 Hyland | 1 Onbase | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization. | |||||
CVE-2020-0132 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139473816 | |||||
CVE-2020-7660 | 1 Verizon | 1 Serialize-javascript | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js". | |||||
CVE-2020-2211 | 1 Jenkins | 1 Kubernetes Ci | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
CVE-2020-10915 | 1 Veeam | 1 One | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10401. | |||||
CVE-2020-2189 | 1 Jenkins | 1 Source Code Management Filter Jervis | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Jenkins SCM Filter Jervis Plugin 0.2.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | |||||
CVE-2020-4521 | 1 Ibm | 1 Maximo Asset Management | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 182396. | |||||
CVE-2019-2391 | 1 Mongodb | 1 Js-bson | 2023-12-10 | 5.5 MEDIUM | 5.4 MEDIUM |
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to. |