Vulnerabilities that can be addressed in Adobe Connect

Adobe has identified vulnerabilities in Adobe Connect versions 2025.9.15, 2025.8.157, and earlier versions. These vulnerabilities allow attackers to execute arbitrary code on the affected system. This can occur when users interact with malicious URLs or compromised web pages. The first...

Security Bulletin: Rational Performance Tester contains vulnerabilities which could result in a potential denial of service

Summary Due to the use of the Jackson Data Processor, Rational Performance Tester contains vulnerabilities could result in a potentail denial of service attack. CVE-2025-52999, CVE-2022-0468 Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental...

CVE-2025-13711

Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-14931

Affected software: Hugging Face smolagents. Vulnerability: Deserialization of untrusted data via parsing of pickle data, enabling Remote Code Execution. Root cause: improper validation of user-supplied data during pickle deserialization. Impact: attacker can execute code in the service account co...

Security Bulletin: IBM i is affected by Remote Code Execution, Deserialization of Untrusted Data, and Improper Access Controls vunlerabilities in IBM Java SDK and IBM Java Runtime [CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to remote code execution CVE-2025-50106, CVE-2025-30749 and deserialization of untrusted data by using APIs in the specific component...

CVE-2025-32144 WordPress Job Board Manager Plugin <= 2.1.61 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PickPlugins Job Board Manager job-board-manager allows Object Injection.This issue affects Job Board Manager: from n/a through = 2.1.61...

PT-2024-8104 · Schneider Electric · Ecostruxure Power Monitoring Expert

Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Monitoring Expert affected versions not specified Description: A Deserialization of Untrusted Data issue exists, which could allow code to be remotely executed on the server when unsafely deserialized data is posted to the w...

Microsoft SharePoint SPThemes Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of serialized instances of the SPThemes class. The issue results from the...

Delta Electronics InfraSuite Device Master 访问控制错误漏洞

Delta Electronics InfraSuite Device Master is used to simplify and automate the monitoring of critical devices by Delta Electronics of Taiwan, China. The Delta Electronics InfraSuite Device Master suffers from an access control error vulnerability that stems from deserialization of untrusted data...

PT-2022-4343 · Aveva · Aveva Edge

Name of the Vulnerable Software and Affected Versions: AVEVA Edge 2020 SP2 Patch 04201.2111.1802.0000 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious...

CVE-2022-35872

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...