34 matches found
CVE-2022-27158
pearweb 1.32 suffers from Deserialization of Untrusted Data...
EUVD-2021-0212
Malware in sbrugna...
EUVD-2021-18567
Malware in sbrugna...
EUVD-2021-19410
Malware in sbrugna...
EUVD-2023-31797
Malicious code in bioql PyPI...
EUVD-2024-37604
Malicious code in bioql PyPI...
EUVD-2024-35538
Malicious code in bioql PyPI...
EUVD-2025-17317
Malicious code in bioql PyPI...
EUVD-2023-3305
Malicious code in bioql PyPI...
EUVD-2025-2987
Malicious code in bioql PyPI...
EUVD-2024-28160
Malicious code in bioql PyPI...
CVE-2025-28961
CVE-2025-28961 corresponds to a deserialization of untrusted data vulnerability in the WordPress URL Shortener plugin (Md Yeasin Ul Haider) 3.0.7 when available, as stated in the sources. The vulnerability is not described as rejected or reserved in the provided materials.
CVE-2025-49507 WordPress CozyStay theme < 1.7.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through 1.7.1...
CVE-2025-48389
CVE-2025-48389 affects FreeScout prior to version 1.8.178. The issue arises from deserialization of untrusted data when using the set function to pass a serialized object string, and deserialization occurs when retrieving an option via the get method, enabling arbitrary code execution. This vulne...
CVE-2025-27526
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerability URLEncdoe and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick 1 to solve it...
CVE-2025-31049 WordPress Dash <= 1.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3...
CVE-2023-49772
Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0...
CVE-2025-32928 WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2...
CVE-2025-47581 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...
Deserialization Of Untrusted Data
apache.nms.activemq is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to unbounded deserialization of data from untrusted servers, allowing them to send malicious payloads that may result in Remote Code Execution RCE...