Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31094 | 2024-04-01 | N/A | N/A | ||
| Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05. | |||||
| CVE-2024-30226 | 2024-03-28 | N/A | 9.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects BetterDocs: from n/a through 3.3.3. | |||||
| CVE-2024-30230 | 2024-03-28 | N/A | 8.2 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7. | |||||
| CVE-2023-23649 | 2024-03-28 | N/A | 8.1 HIGH | ||
| Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This issue affects MainWP Links Manager Extension: from n/a through 2.1. | |||||
| CVE-2024-30223 | 2024-03-28 | N/A | 9.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. | |||||
| CVE-2024-30225 | 2024-03-28 | N/A | 10.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10. | |||||
| CVE-2024-30222 | 2024-03-28 | N/A | 8.5 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. | |||||
| CVE-2024-30221 | 2024-03-28 | N/A | 5.4 MEDIUM | ||
| Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.1.1. | |||||
| CVE-2024-30229 | 2024-03-28 | N/A | 8.0 HIGH | ||
| Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.4.2. | |||||
| CVE-2024-30224 | 2024-03-28 | N/A | 10.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.2. | |||||
| CVE-2024-30228 | 2024-03-28 | N/A | 9.9 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue affects Hercules Core : from n/a through 6.4. | |||||
| CVE-2024-30227 | 2024-03-28 | N/A | 9.0 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue affects Geo Controller: from n/a through 8.6.4. | |||||
| CVE-2023-27459 | 2024-03-27 | N/A | 7.4 HIGH | ||
| Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through 2.3.2.1. | |||||
| CVE-2024-24842 | 2024-03-27 | N/A | 8.7 HIGH | ||
| Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation, FAQs with AI Assistance.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through 11.30.2. | |||||
| CVE-2024-28861 | 2024-03-22 | N/A | 9.8 CRITICAL | ||
| Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a PHP framework for web projects. Starting in version 1.1.0 and prior to version 1.5.19, Symfony 1 has a gadget chain due to dangerous deserialization in `sfNamespacedParameterHolder` class that would enable an attacker to get remote code execution if a developer deserializes user input in their project. Version 1.5.19 contains a patch for the issue. | |||||
| CVE-2024-29032 | 2024-03-21 | N/A | 5.3 MEDIUM | ||
| Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using `qiskit_ibm_runtime.RuntimeDecoder` can lead to arbitrary code execution given a correctly formatted input string. Version 0.21.2 contains a fix for this issue. | |||||
| CVE-2024-2054 | 2024-03-21 | N/A | N/A | ||
| The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. | |||||
| CVE-2024-22320 | 1 Ibm | 1 Operational Decision Manager | 2024-03-21 | N/A | 8.8 HIGH |
| IBM Operational Decision Manager 8.10.3 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146. | |||||
| CVE-2024-1801 | 2024-03-20 | N/A | 7.7 HIGH | ||
| In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability. | |||||
| CVE-2024-1856 | 2024-03-20 | N/A | 8.5 HIGH | ||
| In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability. | |||||