Lucene search
K

52 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 12:19 p.m.11 views

CVE-2023-37895

Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to including 2.20.10 stable branch and 2.21.17 unstable branch use the component "commons-beanutils", which contains a class that can be used for remote...

9.8CVSS7.9AI score0.02657EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/02/06 4:1 p.m.17 views

CVE-2025-0994

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services I...

8.6CVSS7.6AI score0.27426EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:14 p.m.6 views

CVE-2020-11067

In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that backend user settings in $BEUSER-uc are vulnerable to insecure deserialization. In combination with vulnerabilities of third party components, this can lead to remote code execution. A valid backend user...

8.8CVSS7.6AI score0.0199EPSS
Exploits0References1
NVD
NVD
added 2024/04/01 10:15 p.m.12 views

CVE-2023-51570

Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

9.8CVSS9.9AI score0.0104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/16 12:0 a.m.4 views

CVE-2021-38241

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework...

9.6AI score0.01029EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/12/15 12:39 p.m.52 views

Important: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.4 security update

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

9.8CVSS7.2AI score0.99615EPSS
Exploits10References6
Vulnrichment
Vulnrichment
added 2022/12/07 12:0 a.m.4 views

CVE-2022-44371

hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote Code Execution RCE...

9.8AI score0.01332EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/09/11 2:18 a.m.38 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

9.8AI score0.02687EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2020/04/24 12:0 a.m.130 views

Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution

!/usr/bin/env python3 -- coding: utf-8 -- Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution Vendor: Furukawa Electric Co., Ltd. | Tecnored SA Product web page: https://www.furukawa.co.jp | https://www.tecnoredsa.com.ar Affected version: APROS Evolution | 2.8.1 FURUKAW...

0.9AI score0.09876EPSS
Exploits5
NVD
NVD
added 2019/06/24 4:15 p.m.24 views

CVE-2019-12384

FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible...

5.9CVSS7.9AI score0.45205EPSS
Exploits2References45
CNVD
CNVD
added 2019/06/20 12:0 a.m.3 views

Oracle WebLogic Server Deserialization Remote Code Execution Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

9.8CVSS6.7AI score0.8883EPSS
Exploits11References1
NVD
NVD
added 2017/06/22 4:29 p.m.17 views

CVE-2017-9424

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization...

9.8CVSS9.7AI score0.02741EPSS
Exploits0References2
Rows per page
Query Builder