Total
1478 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29615 | 1 Sap | 1 Netweaver Developer Studio | 2024-11-21 | 3.6 LOW | 3.4 LOW |
| SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x. | |||||
| CVE-2022-29528 | 1 Misp | 1 Misp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur. | |||||
| CVE-2022-29363 | 1 Phpok | 1 Phpok | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This vulnerability allows attackers to getshell via writing arbitrary files. | |||||
| CVE-2022-28948 | 2 Netapp, Yaml Project | 2 Astra Trident, Yaml | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | |||||
| CVE-2022-28684 | 1 Devexpress | 1 Devexpress | 2024-11-21 | N/A | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16710. | |||||
| CVE-2022-27580 | 1 Sick | 1 Safety Designer | 2024-11-21 | N/A | 7.8 HIGH |
| A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Safety Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file. | |||||
| CVE-2022-27579 | 1 Sick | 1 Flexi Soft Designer | 2024-11-21 | N/A | 7.8 HIGH |
| A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file. | |||||
| CVE-2022-27158 | 1 Php | 1 Pearweb | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| pearweb < 1.32 suffers from Deserialization of Untrusted Data. | |||||
| CVE-2022-26503 | 2 Microsoft, Veeam | 2 Windows, Veeam | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges. | |||||
| CVE-2022-26133 | 1 Atlassian | 1 Bitbucket Data Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization. | |||||
| CVE-2022-25863 | 1 Gatsbyjs | 1 Gatsby | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| The package gatsby-plugin-mdx before 2.14.1, from 3.0.0 and before 3.15.2 are vulnerable to Deserialization of Untrusted Data when passing input through to the gray-matter package, due to its default configurations that are missing input sanitization. Exploiting this vulnerability is possible when passing input in both webpack (MDX files in src/pages or MDX file imported as a component in frontend / React code) and data mode (querying MDX nodes via GraphQL). Workaround: If an older version of gatsby-plugin-mdx must be used, input passed into the plugin should be sanitized ahead of processing. | |||||
| CVE-2022-25845 | 2 Alibaba, Oracle | 2 Fastjson, Communications Cloud Native Core Unified Data Repository | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode). | |||||
| CVE-2022-25767 | 1 Ureport2 Project | 1 Ureport2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets. | |||||
| CVE-2022-25647 | 4 Debian, Google, Netapp and 1 more | 6 Debian Linux, Gson, Active Iq Unified Manager and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.7 HIGH |
| The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | |||||
| CVE-2022-24846 | 1 Geoserver | 1 Geowebcache | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local configuration file, in GeoServer a user interface is provided to perform the same, that can be accessed remotely, and requires admin-level login to be used. These lookup are unrestricted in scope and can lead to code execution. The lookups are going to be restricted in GeoWebCache 1.21.0, 1.20.2, 1.19.3. | |||||
| CVE-2022-24289 | 1 Apache | 1 Cayenne | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution. | |||||
| CVE-2022-24282 | 1 Siemens | 1 Sinec Network Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges. | |||||
| CVE-2022-24108 | 1 Skyoftech | 1 So Listing Tabs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data. | |||||
| CVE-2022-24082 | 1 Pega | 1 Infinity | 2024-11-21 | N/A | 9.8 CRITICAL |
| If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture. | |||||
| CVE-2022-23940 | 1 Salesagility | 1 Suitecrm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, they can create a malicious report, containing a PHP-deserialization payload in the email_recipients field. Once someone accesses this report, the backend will deserialize the content of the email_recipients field and the payload gets executed. Project dependencies include a number of interesting PHP deserialization gadgets (e.g., Monolog/RCE1 from phpggc) that can be used for Code Execution. | |||||