CVE-2021-27335

KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter...

MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-9.el8 (AXSA:2022-4526:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4526:04 advisory. SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 Tenable has extracted the preceding description block directly from the MiracleLin...

Metasploit Wrap-Up 11/14/2025

It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service WSUS vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the...

EUVD-2018-19603

Malware in sbrugna...

EUVD-2025-24609

Malicious code in bioql PyPI...

EUVD-2022-15690

Malicious code in bioql PyPI...

EUVD-2022-3107

Malicious code in bioql PyPI...

EUVD-2024-3197

Malicious code in bioql PyPI...

Mahara 21.10 < 21.10.6, 22.04 < 22.04.4, 22.10 < 22.10.1 Multiple Vulnerabilities

Mahara is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mahara:mahara"; if description...

CVE-2025-54366

FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APPKEY to achieve remo...

PT-2025-30950 · Freescout · Freescout

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.186 Description: FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. Versions prior to 1.8.186 contain a critical deserialization vulnerability in the...

Exploit for Deserialization of Untrusted Data in Microsoft

📌 SharePoint WebPart Injection Exploit Toolkit 🍕 Exploit too...

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

USN-7584-1: Roundcube vulnerability

It was discovered that Roundcube Webmail did not properly sanitize the from parameter in a URL, leading to PHP Object Deserialization. A remote attacker could possibly use this issue to execute arbitrary code...

CVE-2025-49213

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method...

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

CVE-2025-49220

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method...

CVE-2023-47174

Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

CVE-2025-30165

CVE-2025-30165 : In multi-node vLLM deployments using the V0 engine, a secondary host opens a SUB socket and deserializes inbound data with Python’s unsafe pickle over ZeroMQ XPUB/SUB, enabling remote code execution. The issue affects V0 deployments with tensor parallelism across hosts; V1 is una...