CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0537

Malware in sbrugna...

10CVSS9.3AI score0.04173EPSS

Exploits1References7

RedhatCVE•added 2025/05/22 3:27 a.m.•4 views

CVE-2018-18628

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

10CVSS7.3AI score0.04173EPSS

Exploits1References1

CNVD•added 2018/12/25 12:0 a.m.•1 views

Synology DiskStation Manager Information Disclosure Vulnerability (CNVD-2019-03278)

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. An information disclosure vulnerability exists in SYNO.Core.Desktop.SessionData in Synology DSM...

9.8CVSS6.4AI score0.00262EPSS

Exploits0References1

OSV•added 2018/12/24 3:29 p.m.•1 views

CVE-2018-8919

Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to steal credentials via unspecified vectors...

9.8CVSS5.8AI score0.00262EPSS

Exploits0References1

Github Security Blog•added 2018/10/24 7:46 p.m.•24 views

Deserialization of Untrusted Data in Pippo

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

10CVSS3.1AI score0.04173EPSS

Exploits1References5Affected Software1

OSV•added 2018/10/23 8:29 p.m.•8 views

CVE-2018-18628

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

9.8CVSS9.7AI score

Exploits0References1

Prion•added 2018/10/23 8:29 p.m.•15 views

Design/Logic Flaw

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

10CVSS9.7AI score0.04173EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/10/23 8:0 p.m.•10 views

CVE-2018-18628

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

9.8AI score0.04173EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by