Lucene search
+L

5426 matches found

nuclei
nuclei
added yesterday108 views

Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE

Gladinet CentreStack through 16.1.10296.56315 fixed in 16.4.10315.56368 has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors who know the machineKey to serialize a payload for server-side...

9.8CVSS7.3AI score0.93842EPSS
Exploits6References3
nuclei
nuclei
added yesterday19 views

QVIS NVR/DVR - Remote Code Execution

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. id: CVE-2021-41419 info: name: QVIS NVR/DVR - Remote Code Execution author: me9187 severity: critical description: | QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java...

9.8CVSS7.2AI score0.08517EPSS
Exploits1References2
nvd
nvd
added 2 days ago7 views

CVE-2026-50649

Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...

7.8CVSS0.00939EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago29 views

CVE-2026-24227

NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution...

5.3CVSS0.00482EPSS
Exploits0References3
cve
cve
added 2 days ago7 views

CVE-2026-24227

NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution...

5.3CVSS6.1AI score0.00482EPSS
Exploits0References3
cvelist
cvelist
added 2 days ago33 views

CVE-2026-24220

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution...

6.4CVSS0.0022EPSS
Exploits0References2
cve
cve
added 2 days ago7 views

CVE-2026-24220

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution...

6.4CVSS6.1AI score0.0022EPSS
Exploits0References2
nvd
nvd
added 2 days ago16 views

CVE-2026-54118

Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network...

8.8CVSS0.01287EPSS
Exploits0References1
cve
cve
added 2 days ago35 views

CVE-2026-54117

CVE-2026-54117 affects Microsoft SQL Server and is caused by deserialization of untrusted data, enabling an authorized attacker to execute code over a network. The CVSS v3.1 base score is 8.8 (HIGH) with network access, low attack complexity, and privileges required as LOW; impact to confidential...

8.8CVSS6.2AI score0.01287EPSS
Exploits0References1
mscve
mscve
added 2 days ago5 views

.NET Remote Code Execution Vulnerability

Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.00939EPSS
Exploits0
nvd
nvd
added 2 days ago5 views

CVE-2026-12583

The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...

8.1CVSS0.00326EPSS
Exploits0References1
euvd
euvd
added 2 days ago5 views

EUVD-2026-43627

The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...

8.1CVSS6.4AI score0.00326EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2 days ago4 views

PT-2026-58718

Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.00939EPSS
Exploits0References3
nvidia
nvidia
added 2 days ago7 views

Security Bulletin: NVIDIA TensorRT-LLM - July 2026

NVIDIA has released a software update for NVIDIA® TensorRT-LLM. To protect your system, clone or update this software from the NVIDIA/TensorRT-LLM GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...

8.4CVSS6.5AI score0.00263EPSS
Exploits0Affected Software1
nvd
nvd
added 3 days ago5 views

CVE-2026-59521

Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Object Injection.This issue affects Real Testimonials: from n/a through = 3.1.15...

7.2CVSS0.003EPSS
Exploits0References1
nvd
nvd
added 3 days ago6 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-57770

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through = 5.7.8...

9.8CVSS0.00313EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-57738

Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This issue affects 777: from n/a through = 1.13.0...

9.8CVSS0.00386EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-57744

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS0.00313EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-57713

Deserialization of Untrusted Data vulnerability in Marcus aka @msykes Events Manager events-manager allows Object Injection.This issue affects Events Manager: from n/a through = 7.3.6...

8.8CVSS0.00317EPSS
Exploits0References1
Rows per page
Query Builder