Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11945 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-15320 | 1 Optiontree Project | 1 Optiontree | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled. | |||||
| CVE-2018-14572 | 1 Pyconuk | 1 Conference-scheduler-cli | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. | |||||
| CVE-2019-7743 | 1 Joomla | 1 Joomla\! | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files. | |||||
| CVE-2018-18240 | 1 Pippo | 1 Pippo | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling. | |||||
| CVE-2019-15319 | 1 Optiontree Project | 1 Optiontree | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce. | |||||
| CVE-2018-15576 | 1 Hazzardweb | 1 Easylogin Pro | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key. | |||||
| CVE-2019-12017 | 1 Mapr | 1 Mapr | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the 'class' property of the JSON request sent to the CLDB to influence the JSON library's decision on which Java class this JSON request is deserialized to. By doing so, the attacker can force the MapR CLDB to construct a URLClassLoader which loads a malicious Java class from a remote path and instantiate this object in the MapR CLDB, thus executing arbitrary code on the machine running the MapR CLDB and take over the cluster. By switching to the newer Jackson library and ensuring that all incoming JSON requests are only deserialized to the same class that it was serialized from, the vulnerability is fixed. This vulnerability affects the entire MapR core platform. | |||||
| CVE-2019-0344 | 1 Sap | 1 Commerce Cloud | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. | |||||
| CVE-2019-9056 | 1 Cmsmadesimple | 1 Cms Made Simple | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object injection. | |||||
| CVE-2018-20718 | 1 Pydio | 1 Pydio | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link. | |||||
| CVE-2019-6340 | 1 Drupal | 1 Drupal | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) | |||||
| CVE-2019-11030 | 1 Mirasys | 1 Mirasys Vms | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget (contained in a serialized object) may be executed with SYSTEM privileges. The attacker must properly encrypt the object; however, the hardcoded keys are available. | |||||
| CVE-2019-8662 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary. | |||||
| CVE-2018-1000210 | 1 Yamldotnet Project | 1 Yamldotnet | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. that can result in Code execution in the context of the running process. This attack appear to be exploitable via Victim must parse a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0. | |||||
| CVE-2018-1000525 | 1 Openpsa2 | 1 Openpsa | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Specially crafted GET request variable containing serialised PHP object. This vulnerability appears to have been fixed in after commit 097eae0. | |||||
| CVE-2019-16894 | 1 Inoideas | 1 Inoerp | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| download.php in inoERP 4.15 allows SQL injection through insecure deserialization. | |||||
| CVE-2019-17358 | 3 Cacti, Debian, Opensuse | 3 Cacti, Debian Linux, Leap | 2020-08-24 | 5.5 MEDIUM | 8.1 HIGH |
| Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module. | |||||
| CVE-2019-14224 | 1 Alfresco | 1 Alfresco | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr configuration files and then receive a JMX connection from the victim, and serve a Java object that results in deserialization and code execution. | |||||
| CVE-2019-15321 | 1 Optiontree Project | 1 Optiontree | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled. | |||||