7355 matches found
CVE-2026-50649
A flaw was found in .NET. This vulnerability allows an unauthorized attacker to execute code locally by exploiting a deserialization of untrusted data. This means that if an attacker can provide specially crafted data, the .NET application may process it in a way that leads to the execution of...
Veeam Backup & Replication - Unauthenticated
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution RCE. id: CVE-2024-40711 info: name: Veeam Backup & Replication - Unauthenticated author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | A deserializati...
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
A flaw was found in jackson-databind, a library used for processing data. This vulnerability allows an attacker to bypass security controls designed to validate data types. By sending specially crafted input, an attacker can force the system to process untrusted data, which may lead to the...
Adobe ColdFusion - Deserialization of Untrusted Data
Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-38203 info: name:...
CVE-2026-24233
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the restricted unpickler used for model weight deserialization, where a local, unauthenticated attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of...
CVE-2026-24227
NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-50649
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...
CVE-2026-24227
CVE-2026-24227 affects NVIDIA TensorRT. The vulnerability arises from deserializing untrusted data, potentially enabling code execution. Impact is high (CVSS v3.1 base score 9.8). NVIDIA’s security bulletin recommends updating to TensorRT v11.0 (and Polygraphy 0.50.0) to mitigate; affected Tensor...
CVE-2026-24227
NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24233
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the restricted unpickler used for model weight deserialization, where a local, unauthenticated attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of...
CVE-2026-24233
NVIDIA TensorRT-LLM for Linux is affected by CVE-2026-24233, involving a vulnerability in the restricted unpickler used for model weight deserialization. A local, unauthenticated attacker could cause deserialization of untrusted data, with potential for code execution, privilege escalation, data ...
CVE-2026-50649
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...
EUVD-2026-44399
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...
CVE-2026-50509
Deserialization of untrusted data in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally...
DEBIAN-CVE-2026-59886
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...
CVE-2026-59886
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...
CVE-2026-55009
Deserialization of untrusted data in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
CVE-2026-54118
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-54117
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-50522
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network...