Total
1207 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1000248 | 1 Redis-store | 1 Redis-store | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis | |||||
CVE-2017-17672 | 1 Vbulletin | 1 Vbulletin | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates. | |||||
CVE-2017-11153 | 1 Synology | 1 Photo Station | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload. | |||||
CVE-2017-11283 | 1 Adobe | 1 Coldfusion | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
CVE-2017-4914 | 1 Vmware | 1 Vsphere Data Protection | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance. | |||||
CVE-2017-0903 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution. | |||||
CVE-2017-12796 | 1 Openmrs | 1 Openmrs | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request. | |||||
CVE-2017-2295 | 2 Debian, Puppet | 2 Debian Linux, Puppet | 2023-12-10 | 6.0 MEDIUM | 8.2 HIGH |
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML. | |||||
CVE-2017-1000207 | 1 Swagger | 2 Swagger-codegen, Swagger-parser | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. | |||||
CVE-2017-12149 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data. | |||||
CVE-2017-1000208 | 1 Swagger | 2 Swagger-codegen, Swagger-parser | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. | |||||
CVE-2016-3690 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload. | |||||
CVE-2017-7504 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized data. | |||||
CVE-2017-7293 | 1 Dolby | 2 Dolby Audio X2, Dolby Audio X3 | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50. | |||||
CVE-2016-6809 | 1 Apache | 2 Nutch, Tika | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization. | |||||
CVE-2016-4483 | 3 Debian, Oracle, Xmlsoft | 3 Debian Linux, Solaris, Libxml2 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627. | |||||
CVE-2016-10304 | 1 Sap | 1 Netweaver Application Server Java | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788. | |||||
CVE-2017-5830 | 1 Revive-adserver | 1 Revive Adserver | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. | |||||
CVE-2016-0360 | 1 Ibm | 1 Websphere Mq Jms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457. | |||||
CVE-2017-3066 | 1 Adobe | 1 Coldfusion | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. |