Lucene search
K

513 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.6 views

CVE-2021-28033

An issue was discovered in the bytestruct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics...

9.8CVSS6.9AI score0.01167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:23 a.m.3 views

CVE-2021-31010

A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report tha...

7.5CVSS6.4AI score0.03673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.10 views

CVE-2017-18365

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

9.8CVSS7.9AI score0.21238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.12 views

CVE-2020-12471

MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler...

9.8CVSS8.1AI score0.02764EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.7 views

CVE-2024-34274

OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies bdglobals and bdclientspot of the OpenBD software uses serialized data, which can be used to execute arbitrary code on the system. NOTE: This vulnerability only affects products that are no longer...

3.9CVSS7.7AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.10 views

CVE-2021-27852

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7...

9.8CVSS7.7AI score0.31946EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:17 a.m.8 views

CVE-2025-1556

A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects some unknown processing of the file /system of the component Template Management. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has bee...

9.8CVSS6.8AI score0.0061EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/31 12:5 p.m.7 views

CVE-2025-15246

A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has...

6.5CVSS6.7AI score0.00237EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/30 12:0 a.m.6 views

(0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.3AI score0.00344EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.5 views

Tencent HunyuanDiT 代码问题漏洞

Tencent HunyuanDiT is a diffusion model from Tencent China. A code issue vulnerability exists in Tencent HunyuanDiT that stems from a lack of validation of user-supplied data in the modelresume function, which could lead to deserialization of untrusted data and remote code execution...

7.8CVSS7.9AI score0.00411EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.5 views

CVE-2025-64233 WordPress Codiqa theme < 1.2.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through 1.2.8...

9.8CVSS6.6AI score0.0032EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 1:26 p.m.9 views

Security Bulletin: Vulnerability in OpenPrinting CUPS affects IBM Netezza Appliance

Summary The OpenPrinting CUPS package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-58060, CVE-2025-58364 Vulnerability Details CVEID:CVE-2025-58060 DESCRIPTION: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like...

8CVSS6.7AI score0.01063EPSS
Exploits2Affected Software1
GithubExploit
GithubExploit
added 2025/12/14 12:59 p.m.146 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Advanced Scanner 🚀 !Bashhttps://img.shields...

10CVSS7.9AI score0.99562EPSS
Exploits374
OSV
OSV
added 2025/12/11 6:17 p.m.7 views

CLSA-2025-1765477018 cups: Fix of CVE-2025-58364

CVE-2025-58364: fix deserialization and validation issue in printer attributes to prevent null dereference...

6.5CVSS6.9AI score0.01063EPSS
Exploits1References1
NVD
NVD
added 2025/12/09 6:15 p.m.4 views

CVE-2025-33213

NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

8.8CVSS0.00561EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/09 5:49 p.m.22 views

CVE-2025-33214

NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

8.8CVSS0.00561EPSS
Exploits0References3
Nvidia
Nvidia
added 2025/12/09 12:0 a.m.13 views

Security Bulletin: NVIDIA Merlin - December 2025

NVIDIA has released an update for Merlin to address a security issue that might lead to the impacts described in this bulletin. To protect your system, clone or update this software to include the following commits: Commit 5dd11f4 or later from NVIDIA Merlin/NVTabular Commit 876f19e or later from...

8.8CVSS6.8AI score0.00561EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

NutzBoot 代码问题漏洞

NutzBoot is an enterprise microservices framework open-sourced by Nutz. A code issue vulnerability exists in NutzBoot 2.6.0-SNAPSHOT and earlier versions, which stems from a misbehavior of the function getInputStream in the file HttpServletRpcEndpoint.java, which could lead to deserialization...

6.3CVSS4.7AI score0.00317EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.6 views

SIGB PMB 安全漏洞

SIGB PMB is an open source integrated library management system from SIGB. A security vulnerability exists in SIGB PMB version v8.0.1.14, which originates when the component cmsrest.php deserializes an arbitrary file, which could lead to the execution of arbitrary code...

9.8CVSS7AI score0.00418EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.5 views

PT-2025-47117

CVE-2025-65072 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-65072 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.3AI score
Exploits0References1
Rows per page
Query Builder