Lucene search
K

67 matches found

CVE
CVE
added 2025/11/25 12:0 a.m.19 views

CVE-2025-51743

Affected product: jishenghua JSH_ERP 2.3.1. The vulnerability is in the /materialCategory/addMaterialCategory endpoint and is caused by a fastjson deserialization flaw. Impact is described as high in CVSS (CRITICAL, 9.8) with network access, no authentication, and no user interaction. No exploita...

9.8CVSS6.7AI score0.00407EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/10/08 3:16 p.m.3 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS0.00329EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 3:16 p.m.3 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS6.1AI score0.00329EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 2:15 p.m.2 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS5.8AI score0.00326EPSS
Exploits1References2
CVE
CVE
added 2025/10/08 12:0 a.m.13 views

CVE-2025-60834

The CVE-2025-60834 issue affects uzy-ssm-mall v1.1.0 and is caused by a fastjson deserialization flaw that allows arbitrary code execution when processing crafted input. Public references across NVD/Red Hat/CNNVD/CIRCL/CVE lists confirm the same description; exploitation status is not detailed in...

6.5CVSS7.5AI score0.00329EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.4 views

uzy-ssm-mall 安全漏洞

uzy-ssm-mall yuzu cloud e-commerce is an SSM framework by ghostxbh individual developer for building e-commerce, bookstore malls, customer management, and more. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from improper fastjson deserialization and could lead to the...

6.5CVSS7AI score0.00329EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.8 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

0.00329EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/08 12:0 a.m.3 views

EUVD-2025-33164

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS7.3AI score0.00329EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.8 views

WukongCRM 安全漏洞

WukongCRM is a Customer Relationship Management CRM system from Wukong, China. A security vulnerability exists in WukongCRM version 9.0-JAVA, which stems from a fastjson deserialization issue in the /OaExamine/setOaExamine interface that could lead to arbitrary code execution...

6.5CVSS7.7AI score0.00326EPSS
Exploits1References3
CVE
CVE
added 2025/10/08 12:0 a.m.20 views

CVE-2025-60828

CVE-2025-60828 affects WukongCRM-9.0-JAVA through a fastjson deserialization vulnerability at the /OaExamine/setOaExamine endpoint. According to the NVD entry, the CVSSv3.1 base score is 6.5 (Medium): Network attack vector, no authentication required, user interaction not needed, with Confidentia...

6.5CVSS7AI score0.00326EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.8 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

0.00326EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/08 12:0 a.m.4 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

7AI score0.00326EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.8 views

PT-2025-41259

Name of the Vulnerable Software and Affected Versions WukongCRM version 9.0-JAVA Description The software contains a fastjson deserialization issue through the /OaExamine/setOaExamine API endpoint. The vulnerability is triggered via this interface. Recommendations At the moment, there is no...

6.5CVSS6.6AI score0.00326EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.3 views

PT-2025-41267

Name of the Vulnerable Software and Affected Versions uzy-ssm-mall version 1.1.0 Description A fastjson deserialization issue exists in uzy-ssm-mall version 1.1.0. This allows attackers to execute arbitrary code by providing a specially crafted input. The vulnerability relates to how the software...

6.5CVSS7.4AI score0.00329EPSS
Exploits1References5
OSV
OSV
added 2025/01/15 12:15 a.m.5 views

CVE-2024-57766

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField...

9.1CVSS5.8AI score0.00494EPSS
Exploits1References1
OSV
OSV
added 2025/01/15 12:15 a.m.6 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

9.1CVSS5.8AI score0.00494EPSS
Exploits1References1
NVD
NVD
added 2025/01/15 12:15 a.m.18 views

CVE-2024-57763

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField...

9.1CVSS0.00494EPSS
Exploits1References1
NVD
NVD
added 2025/01/15 12:15 a.m.14 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

9.1CVSS0.00494EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

Mysiteforme 安全漏洞

Mysiteforme is a permissions management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from the inclusion of a fastjson deserialization vulnerability discovered via the component system/table/add...

9.1CVSS6.8AI score0.00494EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 12:0 a.m.50 views

CVE-2024-57766

CVE-2024-57766 affects MSFM prior to 2025-01-01, with a fastjson deserialization vulnerability in the component system/table/editField. The CVSS v3.1 base score is 9.1 (CRITICAL): Network attack, no user interaction, no privileges required, with high confidentiality and integrity impact. Document...

9.1CVSS7.5AI score0.00494EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder