Lucene search

8 matches found

CVE
added 2025/12/23 9:4 p.m. | 10 views

CVE-2025-14930

CVE-2025-14930 affects Hugging Face Transformers GLM4: the vulnerability is in the weight parsing/deserialization of untrusted data, allowing arbitrary code execution in the current user context when a user processes a malicious GLM4 model or file. Root cause: insufficient validation during pars...

CVSS 7.8 | AI score 7.9 | EPSS 0.00477
Exploits: 0 | References: 1 | Affected Software: 1

EUVD
added 2025/12/18 9:30 a.m. | 1 views

EUVD-2025-204107

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection. This issue affects PDF for Contact Form 7: from n/a through = 6.3.4...

CVSS 8.8 | AI score 6.5 | EPSS 0.00118
Exploits: 0 | References: 2

Cvelist
added 2025/09/18 10:1 p.m. | 10 views

CVE-2025-10035 Deserialization Vulnerability in GoAnywhere MFT's License Servlet

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...

CVSS 10 | EPSS 0.62239
Exploits: 2 | References: 1

Vulnrichment
added 2025/07/04 11:17 a.m. | 2 views

CVE-2025-49417 WordPress WooCommerce Product Multi-Action plugin <= 1.3 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi-Action Woo-product-multiaction allows Object Injection. This issue affects WooCommerce Product Multi-Action: from n/a through <= 1.3...

CVSS 9.8 | AI score 5.2 | EPSS 0.00369
Exploits: 0 | References: 1

Positive Technologies
added 2024/02/09 12:0 a.m. | 2 views

PT-2024-19457 · Allegra · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra (affected versions not specified). Description: The issue concerns the deserialization of untrusted data, potentially leading to remote code execution. Recommendations: At the moment, there is no information about a newer version that...

AI score 7.5
Exploits: 0 | References: 1

OSV
added 2022/05/23 7:16 p.m. | 3 views

CVE-2021-32935

The affected Cognex product, the In-Sight OPC Server versions v5.7.4 96 and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation...

CVSS 9.8 | AI score 5.8 | EPSS 0.0055
Exploits: 0 | References: 1

RedhatCVE
added 2020/06/18 12:25 p.m. | 34 views

CVE-2020-11973

A flaw was found in camel. Apache Camel RabbitMQ enables Java deserialization by default, without any means of disabling it, which can lead to arbitrary code being executed. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation...

CVSS 7.5 | AI score 4.3 | EPSS 0.14103
Exploits: 0 | References: 3

BDU FSTEC
added 2016/04/20 12:0 a.m. | 2 views

The vulnerability of the Cisco Evolved Programmable Network Manager, a software tool for managing network services, and the Cisco Prime Infrastructure, a software tool for managing network lifecycles, allows a perpetrator to execute arbitrary code.

The vulnerabilities of the Cisco Evolved Programmable Network Manager and the Cisco Prime Infrastructure network lifecycle management software exist due to insufficient verification of input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code using specially...

CVSS 9.3 | EPSS 0.02322
Exploits: 4 | References: 2 | Affected Software: 1