Total
1479 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-48026 | 2024-10-16 | N/A | 9.8 CRITICAL | ||
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through 1.0.0. | |||||
CVE-2024-48028 | 2024-10-16 | N/A | 9.8 CRITICAL | ||
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection.This issue affects IP Loc8: from n/a through 1.1. | |||||
CVE-2024-9634 | 2024-10-16 | N/A | 9.8 CRITICAL | ||
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution. | |||||
CVE-2023-25581 | 2024-10-15 | N/A | N/A | ||
pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled values in attributes of the `UserProfile` class from pac4j-core. It can be exploited by providing an attribute that contains a serialized Java object with a special prefix `{#sb64}` and Base64 encoding. This issue may lead to Remote Code Execution (RCE) in the worst case. Although a `RestrictedObjectInputStream` is in place, that puts some restriction on what classes can be deserialized, it still allows a broad range of java packages and potentially exploitable with different gadget chains. pac4j versions 4.0.0 and greater are not affected by this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
CVE-2024-48033 | 2024-10-15 | N/A | 9.8 CRITICAL | ||
Deserialization of Untrusted Data vulnerability in Elie Burstein, Baptiste Gourdin Talkback allows Object Injection.This issue affects Talkback: from n/a through 1.0. | |||||
CVE-2024-9005 | 2024-10-10 | N/A | 7.1 HIGH | ||
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server. | |||||
CVE-2024-9314 | 2024-10-07 | N/A | 7.2 HIGH | ||
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'set_redirections' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2024-8922 | 1 Piwebsolution | 1 Product Enquiry For Woocommerce | 2024-10-04 | N/A | 8.8 HIGH |
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquiry_detail.php. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2024-8885 | 2024-10-04 | N/A | 8.8 HIGH | ||
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. | |||||
CVE-2024-7576 | 1 Telerik | 1 Ui For Wpf | 2024-10-03 | N/A | 9.8 CRITICAL |
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. | |||||
CVE-2024-8316 | 1 Telerik | 1 Ui For Wpf | 2024-10-03 | N/A | 7.8 HIGH |
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. | |||||
CVE-2024-8514 | 1 Prisna | 1 Google Website Translator | 2024-10-02 | N/A | 7.2 HIGH |
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisna_import' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2024-8353 | 1 Givewp | 1 Givewp | 2024-10-01 | N/A | 9.8 CRITICAL |
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. This is essentially the same vulnerability as CVE-2024-5932, however, it was discovered the the presence of stripslashes_deep on user_info allows the is_serialized check to be bypassed. This issue was mostly patched in 3.16.1, but further hardening was added in 3.16.2. | |||||
CVE-2024-43191 | 2024-09-30 | N/A | 7.2 HIGH | ||
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request. | |||||
CVE-2024-7351 | 1 Presstigers | 1 Simple Job Board | 2024-09-27 | N/A | 7.2 HIGH |
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.12.3 via deserialization of untrusted input when editing job applications. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2022-2446 | 1 Benjaminrojas | 1 Wp Editor | 2024-09-27 | N/A | 7.2 HIGH |
The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions up to, and including 1.2.9. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload. | |||||
CVE-2022-2439 | 2024-09-26 | N/A | 7.2 HIGH | ||
The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative users to call files using a PHAR wrapper, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. | |||||
CVE-2024-8862 | 1 H2o | 1 H2o | 2024-09-20 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-44902 | 1 Thinkphp | 1 Thinkphp | 2024-09-20 | N/A | 9.8 CRITICAL |
A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. | |||||
CVE-2024-5998 | 2024-09-20 | N/A | 5.2 MEDIUM | ||
A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product. |