Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-11346

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-06 Oct, 2025 | 19:32
Updated At-24 Feb, 2026 | 06:46
Rejected At-
Credits

ILIAS Base64 Decoding unserialize deserialization

A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument f_settings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 is able to mitigate this issue. It is advisable to upgrade the affected component.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:06 Oct, 2025 | 19:32
Updated At:24 Feb, 2026 | 06:46
Rejected At:
â–¼CVE Numbering Authority (CNA)
ILIAS Base64 Decoding unserialize deserialization

A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument f_settings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 is able to mitigate this issue. It is advisable to upgrade the affected component.

Affected Products
Vendor
n/a
Product
ILIAS
CPEs
  • cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*
Modules
  • Base64 Decoding Handler
Versions
Affected
  • 8.0
  • 8.1
  • 8.2
  • 8.3
  • 8.4
  • 8.5
  • 8.6
  • 8.7
  • 8.8
  • 8.9
  • 8.10
  • 8.11
  • 8.12
  • 8.13
  • 8.14
  • 8.15
  • 8.16
  • 8.17
  • 8.18
  • 8.19
  • 8.20
  • 8.21
  • 8.22
  • 8.23
  • 9.0
  • 9.1
  • 9.2
  • 9.3
  • 9.4
  • 9.5
  • 9.6
  • 9.7
  • 9.8
  • 9.9
  • 9.10
  • 9.11
  • 9.12
  • 9.13
  • 10.0
  • 10.1
Unaffected
  • 8.24
  • 9.14
  • 10.2
Problem Types
TypeCWE IDDescription
CWECWE-502Deserialization
CWECWE-20Improper Input Validation
Type: CWE
CWE ID: CWE-502
Description: Deserialization
Type: CWE
CWE ID: CWE-20
Description: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
3.16.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
3.06.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
2.06.5N/A
AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
Version: 3.0
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
Version: 2.0
Base score: 6.5
Base severity: N/A
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
rehme_srlabs (VulDB User)
Timeline
EventDate
Advisory disclosed2025-10-06 00:00:00
VulDB entry created2025-10-06 02:00:00
VulDB entry last update2025-10-15 09:15:18
Event: Advisory disclosed
Date: 2025-10-06 00:00:00
Event: VulDB entry created
Date: 2025-10-06 02:00:00
Event: VulDB entry last update
Date: 2025-10-15 09:15:18
Replaced By

Rejected Reason

References
HyperlinkResource
https://vuldb.com/?id.327231
vdb-entry
technical-description
https://vuldb.com/?ctiid.327231
signature
permissions-required
https://vuldb.com/?submit.664892
third-party-advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2113
government-resource
Hyperlink: https://vuldb.com/?id.327231
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.327231
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.664892
Resource:
third-party-advisory
Hyperlink: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2113
Resource:
government-resource
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://srlabs.de/blog/breaking-ilias-part-2-three-to-rce
N/A
Hyperlink: https://srlabs.de/blog/breaking-ilias-part-2-three-to-rce
Resource: N/A
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:06 Oct, 2025 | 20:15
Updated At:23 Jan, 2026 | 19:15

A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument f_settings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 is able to mitigate this issue. It is advisable to upgrade the affected component.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.16.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

ilias
ilias
>>ilias>>8.23
cpe:2.3:a:ilias:ilias:8.23:*:*:*:*:*:*:*
ilias
ilias
>>ilias>>9.13
cpe:2.3:a:ilias:ilias:9.13:*:*:*:*:*:*:*
ilias
ilias
>>ilias>>10.1
cpe:2.3:a:ilias:ilias:10.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Secondarycna@vuldb.com
CWE-502Secondarycna@vuldb.com
CWE ID: CWE-20
Type: Secondary
Source: cna@vuldb.com
CWE ID: CWE-502
Type: Secondary
Source: cna@vuldb.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://vuldb.com/?ctiid.327231cna@vuldb.com
Permissions Required
VDB Entry
https://vuldb.com/?id.327231cna@vuldb.com
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.664892cna@vuldb.com
Third Party Advisory
VDB Entry
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2113cna@vuldb.com
Third Party Advisory
https://srlabs.de/blog/breaking-ilias-part-2-three-to-rceaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://vuldb.com/?ctiid.327231
Source: cna@vuldb.com
Resource:
Permissions Required
VDB Entry
Hyperlink: https://vuldb.com/?id.327231
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://vuldb.com/?submit.664892
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2113
Source: cna@vuldb.com
Resource:
Third Party Advisory
Hyperlink: https://srlabs.de/blog/breaking-ilias-part-2-three-to-rce
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1930Records found

CVE-2020-10915
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-86.62% / 99.72%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 20:51
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10401.

Action-Not Available
Vendor-Veeam Software Group GmbH
Product-oneOne Agent
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-10975
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 20.59%
||
7 Day CHG~0.00%
Published-25 Sep, 2025 | 21:32
Updated-26 Sep, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GuanxingLu vlarl ZeroMQ reasoning_server.py run_reasoning_server deserialization

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoning_server::run_reasoning_server of the file experiments/robot/bridge/reasoning_server.py of the component ZeroMQ. Performing manipulation of the argument Message results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

Action-Not Available
Vendor-GuanxingLu
Product-vlarl
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2012-0911
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-62.99% / 99.10%
||
7 Day CHG~0.00%
Published-12 Jul, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.php or (b) tiki-print_pages.php; or (4) sendpages, (5) sendstructures, or (6) sendarticles parameter to tiki-send_objects.php, which is not properly handled when processed by the unserialize function.

Action-Not Available
Vendor-tikin/a
Product-tikiwiki_cms\/groupwaren/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-10965
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 20.59%
||
7 Day CHG~0.00%
Published-25 Sep, 2025 | 20:02
Updated-26 Sep, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LazyAGI LazyLLM server.py lazyllm_call deserialization

A security vulnerability has been detected in LazyAGI LazyLLM up to 0.6.1. Affected by this issue is the function lazyllm_call of the file lazyllm/components/deploy/relay/server.py. Such manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-LazyAGI
Product-LazyLLM
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-10433
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 20.59%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 08:02
Updated-15 Sep, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
1Panel-dev MaxKB debug deserialization

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.1 is capable of addressing this issue. It is suggested to upgrade the affected component.

Action-Not Available
Vendor-1Panel (FIT2CLOUD Inc.)
Product-MaxKB
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-10769
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.49% / 38.48%
||
7 Day CHG~0.00%
Published-21 Sep, 2025 | 09:33
Updated-08 Oct, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
h2oai h2o-3 H2 JDBC Driver ImportSQLTable deserialization

A vulnerability has been found in h2oai h2o-3 up to 3.46.08. This affects an unknown function of the file /99/ImportSQLTable of the component H2 JDBC Driver. Such manipulation of the argument connection_url leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-h2oh2oai
Product-h2oh2o-3
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-10885
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.1||HIGH
EPSS-7.22% / 93.56%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 19:15
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of DNS reponses prior to further processing. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the root user. Was ZDI-CAN-9661.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-ac1750ac1750_firmwareArcher A7
CWE ID-CWE-20
Improper Input Validation
CVE-2012-1301
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.48% / 87.68%
||
7 Day CHG~0.00%
Published-13 Apr, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.

Action-Not Available
Vendor-n/aUmbraco A/S (Umbraco)
Product-umbraco_cmsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-0767
Matching Score-4
Assigner-Fluid Attacks
ShareView Details
Matching Score-4
Assigner-Fluid Attacks
CVSS Score-6.3||MEDIUM
EPSS-0.43% / 34.83%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 18:14
Updated-21 May, 2025 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Activity Log 5.3.2 - Insecure deserialization

WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in myapp/classes/Writers/class-csv-writer.php.

Action-Not Available
Vendor-melapressMelapress
Product-wp_activity_logWP Activity Log
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-17132
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.78% / 95.57%
||
7 Day CHG~0.00%
Published-04 Oct, 2019 | 11:36
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin through 5.5.4 mishandles custom avatars.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2025-0912
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 68.08%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:37
Updated-08 Apr, 2026 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GiveWP – Donation Plugin and Fundraising Platform <= 3.19.4 - Unauthenticated PHP Object Injection

The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the 'card_address' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.

Action-Not Available
Vendor-The Events Calendar (StellarWP)GiveWP
Product-GiveWP – Donation Plugin and Fundraising Platform
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-9634
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 69.16%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 02:05
Updated-08 Apr, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GiveWP – Donation Plugin and Fundraising Platform <= 3.16.3 - Unauthenticated PHP Object Injection to Remote Code Execution

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.

Action-Not Available
Vendor-The Events Calendar (StellarWP)GiveWP
Product-givewpGiveWP – Donation Plugin and Fundraising Platformgivewp_donation_plugin_and_fundraising_platform
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2012-0694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-67.26% / 99.21%
||
7 Day CHG~0.00%
Published-29 Oct, 2019 | 20:37
Updated-06 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.

Action-Not Available
Vendor-n/aSugarCRM Inc.
Product-sugarcrmn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36085
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-1.22% / 65.14%
||
7 Day CHG~0.00%
Published-08 Sep, 2022 | 13:30
Updated-22 Apr, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions

Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function, which allows users to provide a set of built-in functions that should be deemed unsafe — and as such rejected — by the compiler if encountered in the policy compilation stage. A bypass of this protection has been found, where the use of the `with` keyword to mock such a built-in function (a feature introduced in OPA v0.40.0), isn’t taken into account by `WithUnsafeBuiltins`. Multiple conditions need to be met in order to create an adverse effect. Version 0.43.1 contains a patch for this issue. As a workaround, avoid using the `WithUnsafeBuiltins` function and use the `capabilities` feature instead.

Action-Not Available
Vendor-openpolicyagentopen-policy-agent
Product-open_policy_agentopa
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-8862
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-1.33% / 67.55%
||
7 Day CHG~0.00%
Published-14 Sep, 2024 | 19:31
Updated-20 Sep, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
h2oai h2o-3 JDBC Connection 1 getConnectionSafe deserialization

A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-h2oh2oaih2oai
Product-h2oh2o-3h2o-3
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-9511
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.12% / 62.27%
||
7 Day CHG~0.00%
Published-23 Nov, 2024 | 07:38
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider <= 2.2.82 - Unauthenticated PHP Object Injection

The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.82 via deserialization of untrusted input in the 'formatResult' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. The vulnerability was partially patched in version 2.2.82.

Action-Not Available
Vendor-techjewelwpmanageninja
Product-FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Providerfluentsmtp
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-9053
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.8||CRITICAL
EPSS-1.27% / 66.36%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 10:09
Updated-15 Oct, 2025 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution in vllm-project/vllm

vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which directly uses cloudpickle.loads() on received messages without any sanitization. This can result in remote code execution by deserializing malicious pickle data.

Action-Not Available
Vendor-vllm-projectvllm-project
Product-vllmvllm-project/vllm
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-36978
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-7.33% / 93.64%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15448.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-25032
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 29.51%
||
7 Day CHG~0.00%
Published-25 Mar, 2026 | 16:14
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through < 2.31.

Action-Not Available
Vendor-park_of_ideas
Product-Ricky
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-36977
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-6.71% / 93.12%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate Management Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15449.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-8073
Matching Score-4
Assigner-Hillstone Networks Inc.
ShareView Details
Matching Score-4
Assigner-Hillstone Networks Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.14% / 62.66%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 02:19
Updated-12 Sep, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection Vulnerability in Hillstone Networks Web Application Firewall

Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13.

Action-Not Available
Vendor-hillstonenetHillstone Networkshillstonenet
Product-web_application_firewallHillstone Networks Web Application Firewallweb_application_firewall
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-36974
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-84.45% / 99.67%
||
7 Day CHG-0.69%
Published-29 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File Server service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15330.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-8003
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.83% / 53.00%
||
7 Day CHG~0.00%
Published-20 Aug, 2024 | 13:31
Updated-21 Aug, 2024 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Go-Tribe gotribe-admin Log routes.go InitRoutes deserialization

A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The patch is identified as 45ac90d6d1f82716f77dbcdf8e7309c229080e3c. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-gotribeGo-Tribe
Product-gotribe-admingotribe-admin
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-36784
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-9.8||CRITICAL
EPSS-1.05% / 60.22%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 22:27
Updated-25 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Elsight – Elsight Halo Remote Code Execution (RCE)

Elsight – Elsight Halo  Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.

Action-Not Available
Vendor-elsightElsight
Product-halo_firmwarehaloElsight Halo
CWE ID-CWE-20
Improper Input Validation
CVE-2024-8353
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-29.10% / 97.93%
||
7 Day CHG~0.00%
Published-28 Sep, 2024 | 02:04
Updated-08 Apr, 2026 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. This is essentially the same vulnerability as CVE-2024-5932, however, it was discovered the the presence of stripslashes_deep on user_info allows the is_serialized check to be bypassed. This issue was mostly patched in 3.16.1, but further hardening was added in 3.16.2.

Action-Not Available
Vendor-The Events Calendar (StellarWP)GiveWP
Product-givewpGiveWP – Donation Plugin and Fundraising Platformdonation_plugin_and_fundraising_platform
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-8255
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.83% / 53.01%
||
7 Day CHG~0.00%
Published-29 Aug, 2024 | 15:18
Updated-06 Sep, 2024 | 22:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path Traversal in Ocean Data Systems Dream Report

Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-dtn_softDTN Softdtnsoft
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-24989
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 29.51%
||
7 Day CHG~0.00%
Published-25 Mar, 2026 | 16:14
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through < 11.4.0.

Action-Not Available
Vendor-FantasticPlugins
Product-SUMO Affiliates Pro
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-37021
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.37% / 81.75%
||
7 Day CHG+0.08%
Published-31 Aug, 2022 | 07:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Geode deserialization of untrusted data flaw when using JMX over RMI on Java 8.

Apache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 8. Any user still on Java 8 who wishes to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15 and Java 11. If upgrading to Java 11 is not possible, then upgrade to Apache Geode 1.15 and specify "--J=-Dgeode.enableGlobalSerialFilter=true" when starting any Locators or Servers. Follow the documentation for details on specifying any user classes that may be serialized/deserialized with the "serializable-object-filter" configuration option. Using a global serial filter will impact performance.

Action-Not Available
Vendor-The Apache Software Foundation
Product-geodeApache Geode
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-7988
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-1.48% / 70.73%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 14:47
Updated-21 Oct, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanager_thinserverThinManager® ThinServer™thinmanager_thinserver
CWE ID-CWE-20
Improper Input Validation
CVE-2026-54133
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 23.87%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 13:56
Updated-15 Jun, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
jmespath.php has CompilerRuntime code injection via unescaped function names

jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 can generate and execute attacker-controlled PHP code when `JmesPath\CompilerRuntime` is used with an attacker-controlled JMESPath expression. The compiler emits parsed JMESPath function names into generated PHP source without sufficient escaping. A crafted expression can cause the generated cache file to contain executable attacker-controlled PHP, which is then loaded by the compiler runtime. The issue is patched in `2.9.1` and later. As a workaround, disable `JP_PHP_COMPILE` and do not use `JmesPath\CompilerRuntime` with attacker-controlled expressions. Use the default `AstRuntime` for untrusted expressions. Applications that must continue accepting untrusted JMESPath expressions before upgrading should ensure those expressions are never evaluated by the compiler runtime.

Action-Not Available
Vendor-jmespathjmespath
Product-jmespathjmespath.php
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-8030
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.07% / 60.90%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 02:05
Updated-08 Apr, 2026 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.0.3 - Unauthenticated PHP Object Injection

The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the _ultimate_store_kit_wishlist cookie in versions up to , and including, 2.0.3. This makes it possible for an unauthenticated attacker to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker or above to delete arbitrary files, retrieve sensitive data, or execute code.

Action-Not Available
Vendor-BdThemes
Product-ultimate_store_kitUltimate Store Kit – Addon For WooCommerce, EDD and Elementorutlimate_store_kit_elementor_addons
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-35649
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-9.8||CRITICAL
EPSS-6.44% / 92.89%
||
7 Day CHG+0.12%
Published-25 Jul, 2022 | 15:27
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Action-Not Available
Vendor-n/aMoodle Pty LtdFedora Project
Product-fedoramoodleMoodle
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2011-4120
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.02% / 78.57%
||
7 Day CHG~0.00%
Published-26 Nov, 2019 | 04:17
Updated-07 Aug, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string.

Action-Not Available
Vendor-yubicoyubico-pamLinux Kernel Organization, IncDebian GNU/Linux
Product-linux_kerneldebian_linuxpam_moduleyubico-pam
CWE ID-CWE-20
Improper Input Validation
CVE-2026-25030
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 29.51%
||
7 Day CHG~0.00%
Published-25 Mar, 2026 | 16:14
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in park_of_ideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through < 3.47.

Action-Not Available
Vendor-park_of_ideas
Product-Goldish
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-25449
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 24.01%
||
7 Day CHG~0.00%
Published-18 Mar, 2026 | 13:12
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler allows Object Injection.This issue affects Traveler: from n/a through < 3.2.8.1.

Action-Not Available
Vendor-Shinecommerce Joint Stock Company
Product-Traveler
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2011-3195
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.55% / 72.15%
||
7 Day CHG+0.01%
Published-20 Mar, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

Action-Not Available
Vendor-gplhostn/a
Product-domain_technologie_controln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-16317
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.70% / 74.38%
||
7 Day CHG~0.00%
Published-14 Sep, 2019 | 17:01
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318.

Action-Not Available
Vendor-n/aPimcore
Product-pimcoren/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2011-2897
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.94% / 77.71%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 13:37
Updated-06 Aug, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw

Action-Not Available
Vendor-gdk-pixbufThe GNOME ProjectDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxgdk-pixbufenterprise_linuxgdk-pixbuf
CWE ID-CWE-20
Improper Input Validation
CVE-2024-6793
Matching Score-4
Assigner-National Instruments
ShareView Details
Matching Score-4
Assigner-National Instruments
CVSS Score-9.8||CRITICAL
EPSS-1.19% / 64.25%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 20:47
Updated-17 Sep, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data in NI VeriStand DataLogging Server

A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.

Action-Not Available
Vendor-niNIni
Product-veristandVeriStandveristand
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-6644
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.53% / 40.94%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 16:31
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zmops ArgusDBM AviatorScript CalculateAlarm.java getDefaultClassLoader deserialization

A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical. Affected is the function getDefaultClassLoader of the file CalculateAlarm.java of the component AviatorScript Handler. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-271050 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-zmopszmops
Product-ArgusDBMargusdbm
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-6943
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.61% / 44.70%
||
7 Day CHG~0.00%
Published-21 Jul, 2024 | 07:00
Updated-03 Jan, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZhongBangKeJi CRMEB CopyTaobaoServices.php downloadImage deserialization

A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this vulnerability is the function downloadImage of the file app/services/product/product/CopyTaobaoServices.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-crmebZhongBangKeJi
Product-crmebCRMEB
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-6944
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.78% / 88.64%
||
7 Day CHG~0.00%
Published-21 Jul, 2024 | 07:31
Updated-03 Jan, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization

A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function get_image_base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-272066 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-crmebZhongBangKeJi
Product-crmebCRMEB
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-34916
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.31% / 81.29%
||
7 Day CHG~0.00%
Published-21 Aug, 2022 | 08:15
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation (JNDI Injection) in JMSMessageConsumer

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol.

Action-Not Available
Vendor-The Apache Software Foundation
Product-flumeApache Flume
CWE ID-CWE-20
Improper Input Validation
CVE-2024-6794
Matching Score-4
Assigner-National Instruments
ShareView Details
Matching Score-4
Assigner-National Instruments
CVSS Score-9.8||CRITICAL
EPSS-1.15% / 63.08%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 20:50
Updated-17 Sep, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data in NI VeriStand Waveform Streaming Server

A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions.

Action-Not Available
Vendor-niNIni
Product-veristandVeriStandveristand
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-7576
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-7.8||HIGH
EPSS-0.45% / 35.96%
||
7 Day CHG-0.00%
Published-25 Sep, 2024 | 13:57
Updated-03 Oct, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Progress UI for WPF format provider unsafe deserialization vulnerability

In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.

Action-Not Available
Vendor-Progress Software CorporationTelerik
Product-ui_for_wpfTelerik UI for WPFui_for_wpf
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-34668
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.53% / 94.39%
||
7 Day CHG+0.30%
Published-29 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.

Action-Not Available
Vendor-NVIDIA Corporation
Product-nvflareNVIDIA FLARE
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-16112
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-11.39% / 95.46%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 14:48
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.

Action-Not Available
Vendor-tylertechn/a
Product-eaglen/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-33964
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.4||HIGH
EPSS-0.65% / 46.47%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33754
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-9.8||CRITICAL
EPSS-1.74% / 74.91%
||
7 Day CHG+0.04%
Published-16 Jun, 2022 | 21:23
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-ca_automic_automationCA Automic Automation
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33719
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.6||HIGH
EPSS-0.31% / 22.55%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 15:20
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 38
  • 39
  • Next
Details not found