Lucene search
+L

67 matches found

CVE
CVE
added 2025/11/25 12:0 a.m.29 views

CVE-2025-51746

CVE-2025-51746 affects jishenghua JSH_ERP 2.3.1. The vulnerability is in the /serialNumber/addSerialNumber endpoint and arises from fastjson deserialization, with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, CRITICAL). Exploitation details are not provided in the connected docu...

9.8CVSS6.7AI score0.00416EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/10/08 3:16 p.m.6 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS0.00336EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 3:16 p.m.4 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS6.1AI score0.00336EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 2:15 p.m.2 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

6.5CVSS5.8AI score0.00334EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/08 12:0 a.m.4 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

7AI score0.00334EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.7 views

uzy-ssm-mall 安全漏洞

uzy-ssm-mall yuzu cloud e-commerce is an SSM framework by ghostxbh individual developer for building e-commerce, bookstore malls, customer management, and more. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from improper fastjson deserialization and could lead to the...

6.5CVSS7AI score0.00336EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.12 views

WukongCRM 安全漏洞

WukongCRM is a Customer Relationship Management CRM system from Wukong, China. A security vulnerability exists in WukongCRM version 9.0-JAVA, which stems from a fastjson deserialization issue in the /OaExamine/setOaExamine interface that could lead to arbitrary code execution...

6.5CVSS7.7AI score0.00334EPSS
Exploits1References3
CVE
CVE
added 2025/10/08 12:0 a.m.17 views

CVE-2025-60834

The CVE-2025-60834 issue affects uzy-ssm-mall v1.1.0 and is caused by a fastjson deserialization flaw that allows arbitrary code execution when processing crafted input. Public references across NVD/Red Hat/CNNVD/CIRCL/CVE lists confirm the same description; exploitation status is not detailed in...

6.5CVSS7.5AI score0.00336EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/08 12:0 a.m.5 views

EUVD-2025-33164

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

6.5CVSS7.3AI score0.00336EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.14 views

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface...

0.00334EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.14 views

CVE-2025-60834

A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input...

0.00336EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.10 views

PT-2025-41259

Name of the Vulnerable Software and Affected Versions WukongCRM version 9.0-JAVA Description The software contains a fastjson deserialization issue through the /OaExamine/setOaExamine API endpoint. The vulnerability is triggered via this interface. Recommendations At the moment, there is no...

6.5CVSS6.6AI score0.00334EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.5 views

PT-2025-41267

Name of the Vulnerable Software and Affected Versions uzy-ssm-mall version 1.1.0 Description A fastjson deserialization issue exists in uzy-ssm-mall version 1.1.0. This allows attackers to execute arbitrary code by providing a specially crafted input. The vulnerability relates to how the software...

6.5CVSS7.4AI score0.00336EPSS
Exploits1References5
CVE
CVE
added 2025/10/08 12:0 a.m.28 views

CVE-2025-60828

CVE-2025-60828 affects WukongCRM-9.0-JAVA through a fastjson deserialization vulnerability at the /OaExamine/setOaExamine endpoint. According to the NVD entry, the CVSSv3.1 base score is 6.5 (Medium): Network attack vector, no authentication required, user interaction not needed, with Confidentia...

6.5CVSS7AI score0.00334EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/01/15 12:15 a.m.7 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

9.1CVSS5.8AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2025/01/15 12:15 a.m.7 views

CVE-2024-57766

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField...

9.1CVSS5.8AI score0.00502EPSS
Exploits1References1
NVD
NVD
added 2025/01/15 12:15 a.m.20 views

CVE-2024-57763

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField...

9.1CVSS0.00502EPSS
Exploits1References1
NVD
NVD
added 2025/01/15 12:15 a.m.15 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

9.1CVSS0.00502EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Mysiteforme 安全漏洞

Mysiteforme is a permissions management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from the inclusion of a fastjson deserialization vulnerability discovered via the component system/table/add...

9.1CVSS6.8AI score0.00502EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 12:0 a.m.9 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

7.1AI score0.00502EPSS
Exploits1References1
Rows per page
Query Builder