Total
1207 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11950 | 1 Hp | 1 Intelligent Management Center | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
CVE-2019-11080 | 1 Sitecore | 1 Experience Platform | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object. | |||||
CVE-2019-9055 | 1 Cmsmadesimple | 1 Cms Made Simple | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in CMS Made Simple 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible reach an unserialize call with a crafted value in the m1_allparms parameter, and achieve object injection. | |||||
CVE-2019-10867 | 1 Pimcore | 1 Pimcore | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php. | |||||
CVE-2017-18605 | 1 Gravitatedesign | 1 Gravitate Qa Tracker | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection. | |||||
CVE-2019-11830 | 1 Typo3 | 1 Pharstreamwrapper | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism. | |||||
CVE-2019-0344 | 1 Sap | 1 Commerce Cloud | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. | |||||
CVE-2019-0195 | 1 Apache | 1 Tapestry | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbol could be used to craft a Java deserialization attack, thus running malicious injected Java code. The vector would be the t:formdata parameter from the Form component. | |||||
CVE-2019-0305 | 1 Sap | 1 Netweaver Process Integration | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and SAP_XITOOL: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not restrict or incorrectly restrict frame objects or UI layers that belong to another application or domain, resulting in Clickjacking vulnerability. Successful exploitation of this vulnerability leads to unwanted modification of user's data. | |||||
CVE-2019-9874 | 1 Sitecore | 2 Cms, Experience Platform | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN. | |||||
CVE-2019-12384 | 3 Debian, Fasterxml, Redhat | 3 Debian Linux, Jackson-databind, Enterprise Linux | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. | |||||
CVE-2018-19276 | 1 Openmrs | 1 Openmrs | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body. | |||||
CVE-2019-1010306 | 1 Teller | 1 Slanger | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Slanger 0.6.0 is affected by: Remote Code Execution (RCE). The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after commit 5267b455caeb2e055cccf0d2b6a22727c111f5c3. | |||||
CVE-2019-12086 | 2 Debian, Fasterxml | 2 Debian Linux, Jackson-databind | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. | |||||
CVE-2019-12240 | 1 Virim Project | 1 Virim | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php. | |||||
CVE-2019-11945 | 1 Hp | 1 Intelligent Management Center | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
CVE-2019-12868 | 1 Misp | 1 Misp | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar:// URLs trigger deserialization. | |||||
CVE-2019-5350 | 1 Hp | 1 Intelligent Management Center | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
CVE-2018-20221 | 1 Deltek | 1 Ajera | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. The executed code will run as the IIS Application Pool that is running the application. | |||||
CVE-2017-18365 | 1 Github | 1 Github | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a crafted cookie signed with this secret, one can call Marshal.load with arbitrary data, which is a problem because the Marshal data format allows Ruby objects. |