
44 matches found

Positive Technologies
added 2026/05/19 12:0 a.m. · 11 views

PT-2026-41987

Name of the Vulnerable Software and Affected Versions: Jaspersoft Reports Library (affected versions not specified). Description: A Java deserialization issue exists in the Jaspersoft Reports Library. This flaw can lead to Remote Code Execution (RCE), which is a type of attack where an attacker can...

CVSS 8.7 · AI score 6.2 · EPSS 0.00476
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2020-18748

Malware in sbrugna...

CVSS 9 · AI score 8.6 · EPSS 0.03761
Exploits 0 · References 4

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2019-9408

Malware in sbrugna...

CVSS 10 · AI score 8.7 · EPSS 0.04941
Exploits 1 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2017-12328

Malware in sbrugna...

CVSS 9.8 · AI score 9.5 · EPSS 0.08214
Exploits 2 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-40543

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.1 · EPSS 0.00787
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-20343

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 9.3 · EPSS 0.0069
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 8 views

EUVD-2025-19054

Malicious code in bioql PyPI...

CVSS 9.3 · AI score 6.5 · EPSS 0.00533
Exploits 0 · References 1

RedhatCVE
added 2025/06/26 7:23 p.m. · 9 views

CVE-2025-2566

Kaleris NAVIS N4 ULC Ultra Light Client contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server...

CVSS 9.3 · AI score 8.4 · EPSS 0.00533
Exploits 0 · References 1

NVD
added 2025/06/24 7:15 p.m. · 10 views

CVE-2025-2566

Kaleris NAVIS N4 ULC Ultra Light Client contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server...

CVSS 9.3 · EPSS 0.00533
Exploits 0 · References 1

Cvelist
added 2025/06/24 6:27 p.m. · 10 views

CVE-2025-2566 Deserialization of Untrusted Data in Kaleris Navis N4

Kaleris NAVIS N4 ULC Ultra Light Client contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server...

CVSS 9.3 · EPSS 0.00533
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 4:28 p.m. · 14 views

CVE-2020-19229

Jeesite 1.2.7 uses Apache Shiro version 1.2.3, which is affected by CVE-2016-4437. Because of the Java deserialization vulnerability in this version, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter...

CVSS 9.8 · AI score 9.7 · EPSS 0.93143
Exploits 10

RedhatCVE
added 2025/05/22 10:10 a.m. · 7 views

CVE-2019-19810

Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...

CVSS 10 · AI score 8.1 · EPSS 0.04941
Exploits 1 · References 1

Packet Storm
added 2025/04/03 12:0 a.m. · 421 views

Tomcat Partial PUT Java Deserialization

This Metasploit module exploits a Java deserialization vulnerability in Apache Tomcat's session restoration functionality that can be exploited with a partial HTTP PUT request to place an attacker-controlled deserialization payload in the tomcatrootdir/webapps/ROOT/ directory. For the exploit to...

CVSS 9.8 · AI score 9 · EPSS 0.99945
Exploits 46

Cvelist
added 2025/02/05 4:12 p.m. · 27 views

CVE-2025-20124 Cisco Identity Services Engine Java Deserialization Vulnerability

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit...

CVSS 9.9 · EPSS 0.16282
Exploits 4 · References 1

RedhatCVE
added 2025/02/04 10:18 p.m. · 7 views

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVSS 9.8 · AI score 7.4 · EPSS 0.00717
Exploits 0 · References 1

NVD
added 2024/11/26 10:15 p.m. · 30 views

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVSS 9.8 · EPSS 0.00717
Exploits 0 · References 1

CVE
added 2024/10/10 3:49 p.m. · 65 views

CVE-2023-25581

The CVE-2023-25581 entry concerns pac4j-core before 4.0.0, where a Java deserialization vulnerability in UserProfile attributes can be triggered by a serialized object with a {#sb64} prefix and Base64 encoding, potentially leading to RCE. Affected versions are prior to 4.0.0; 4.0.0 and later are ...

CVSS 9.2 · AI score 7.3 · EPSS 0.01949
Exploits 1 · References 4

Prion
added 2024/03/07 5:15 a.m. · 22 views

Deserialization of untrusted data

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization...

AI score 8.4 · EPSS 0.01199
Exploits 0 · References 1

Positive Technologies
added 2023/02/22 12:0 a.m. · 4 views

PT-2023-13560 · Hewlett Packard · Hpe Serviceguard Manager

Name of the Vulnerable Software and Affected Versions: Serviceguard Manager affected versions not specified Description: The issue is related to an unauthenticated Java deserialization vulnerability. Recommendations: At the moment, there is no information about a newer version that contains a fix...

CVSS 9.8 · AI score 9.3 · EPSS 0.00787
Exploits 0 · References 2

Tenable Nessus
added 2023/01/31 12:0 a.m. · 47 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.9 Security update (Important) (RHSA-2023:0553)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0553 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVSS 9.8 · AI score 7.9 · EPSS 0.99019
Exploits 31 · References 61