Lucene search

7 matches found

Vulnrichment
added 2025/12/28 2:32 a.m. · 1 views

CVE-2025-15117 Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization

A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is...

3.1 CVSS · 6.3 AI score · 0.0005 EPSS
Exploits 0 · References 4
Cvelist
added 2025/09/24 12:0 a.m. · 6 views

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load or loadAs method without input...

0.02256 EPSS
Exploits 2 · References 2
RedhatCVE
added 2025/03/22 11:46 a.m. · 4 views

CVE-2024-9070

A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions =1.3.4.post1. By setting specific parameters, an attacker can execute unauthorized arbitrary code on the server, causing severe harm. The vulnerability is triggered when the args-number parameter is...

9.8 CVSS · 7.4 AI score · 0.0041 EPSS
Exploits 2 · References 1
Positive Technologies
added 2024/02/13 12:0 a.m. · 1 views

PT-2024-3272 · Intel · Intel Thunderbolt Dch Drivers

Name of the Vulnerable Software and Affected Versions: Intel(R) Thunderbolt(TM) DCH drivers for Windows versions prior to 88
Description: The issue is related to deserialization weaknesses in the Intel(R) Thunderbolt(TM) DCH drivers for Windows. It may allow an authenticated user to potentially enable a...

3.8 CVSS · 7 AI score · 0.00074 EPSS
Exploits 0 · References 7
Positive Technologies
added 2023/08/16 12:0 a.m. · 2 views

PT-2023-6952 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified
Description: The issue is related to a deserialization mechanism weakness in Microsoft Exchange Server, specifically with the SerializationTypeConverter class, which can lead to...

8 CVSS · 9 AI score · 0.04094 EPSS
Exploits 0 · References 10
Veracode
added 2022/03/22 1:1 p.m. · 21 views

Weak Deserializer

org.apache.dubbo:dubbo and com.alibaba:dubbo are using weak deserializers. An attacker is able to provoke the library to use a weak deserializer by tampering with the byte preamble flags, not following the server's instruction...

9.8 CVSS · 4.2 AI score · 0.7462 EPSS
Exploits 2 · References 7 · Affected Software 1
Positive Technologies
added 2018/01/21 12:0 a.m. · 4 views

PT-2018-3325 · Fasterxml +1 · Jackson-Databind +1

Name of the Vulnerable Software and Affected Versions: jackson-databind affected versions not specified
Description: The issue is related to weaknesses in the deserialization mechanism of the jackson-databind library. Exploitation of this issue may allow a remote attacker to execute arbitrary cod...

9.8 CVSS · 8.3 AI score · 0.84949 EPSS
Exploits 7 · References 51