CWE:

| Risk | Topic | Date | Author |
|------|-------|------|--------|
| Med. | Revive Adserver Deserialization / Open Redirect | 02.05.2019 | Matteo Beccati |
| High | OpenMRS Platform Insecure Object Deserialization | 05.02.2019 | Bishop Fox |
| Med. | Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation | 01.02.2017 | Matteo Beccati |
| High | Solarwinds Virtualization Manager 6.3.1 Java Deserialization | 17.06.2016 | Nate Kettlewell |


CVEMAP Search Results

| Date | Risk | CVE | Vendor | Software | Description |
|------|------|-----|--------|----------|-------------|
| 2020-01-17 | Medium | CVE-2019-17635 | Eclipse | Memory analyzer | Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted index for the problem to occur. The problem can be averted if the index files from an untrusted source are deleted and the heap dump is opened and reparsed. Also, some local configuration data is subject to a deserialization vulnerability if the local data were to be replaced with a malicious version. This can be averted if the local configuration data stored on the file system cannot be changed by an attacker. The vulnerability could possibly allow code execution on the local system. |
| 2020-01-08 | Medium | CVE-2019-17076 | JAMF | JAMF | An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service (DoS), remote code execution (RCE), and/or deletion of files on the Jamf Pro server. |
| | Medium | CVE-2014-1860 | Contao | Contao cms | Contao CMS through 3.2.4 has PHP Object Injection vulnerabilities. |
| 2020-01-03 | Medium | CVE-2019-20330 | Fasterxml | Jackson-databind | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. |
| 2020-01-02 | Medium | CVE-2016-1000027 | Pivotal software | Spring framework | Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be required. |
| 2019-12-31 | Medium | CVE-2019-14466 | Gosa project | GOSA | The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP object injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie. |
| 2019-12-23 | Medium | CVE-2019-18211 | Orckestra | C1 cms | An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user. |
| 2019-12-20 | Medium | CVE-2019-17571 | Apache | Log4j | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data, which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget while listening to untrusted network traffic for log data. This affects Log4j versions 1.2 up to 1.2.17. |
| 2019-12-19 | Medium | CVE-2019-19909 | SFU | Open journal... | An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used. |
| 2019-12-17 | Medium | CVE-2019-19849 | Typo3 | Typo3 | An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. The classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges. |
 
Copyright 2020, cxsecurity.com