CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-502

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000053 502 Exec Code 2017-07-17 2017-08-03
6.8
None Remote Medium Not required Partial Partial Partial
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session.
2 CVE-2017-1000034 502 Exec Code 2017-07-17 2017-08-04
9.3
None Remote Medium Not required Complete Complete Complete
Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.
3 CVE-2017-14702 502 Exec Code 2017-09-29 2017-10-06
7.5
None Remote Low Not required Partial Partial Partial
ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization.
4 CVE-2017-14035 502 2017-08-30 2017-09-01
7.5
None Remote Low Not required Partial Partial Partial
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
5 CVE-2017-12796 502 Exec Code 2017-10-23 2017-11-21
10.0
None Remote Low Not required Complete Complete Complete
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request.
6 CVE-2017-12628 502 Exec Code 2017-10-20 2017-11-08
7.2
None Local Low Not required Complete Complete Complete
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library.
7 CVE-2017-12612 502 Exec Code 2017-09-13 2017-09-26
7.2
None Local Low Not required Complete Complete Complete
In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the local machine. It does not affect apps run by spark-submit or spark-shell. The attacker would be able to execute code as the user that ran the Spark application. Users are encouraged to update to version 2.2.0 or later.
8 CVE-2017-12149 502 Exec Code 2017-10-04 2017-10-20
7.5
None Remote Low Not required Partial Partial Partial
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.
9 CVE-2017-11153 502 +Priv 2017-08-08 2017-08-18
7.5
None Remote Low Not required Partial Partial Partial
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload.
10 CVE-2017-11143 502 2017-07-10 2017-11-02
5.0
None Remote Low Not required None None Partial
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
11 CVE-2017-10932 502 Exec Code 2017-09-27 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host.
12 CVE-2017-9844 502 DoS Exec Code 2017-07-12 2017-07-21
7.5
None Remote Low Not required Partial Partial Partial
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804.
13 CVE-2017-9830 502 Exec Code 2017-06-27 2017-07-05
7.5
None Remote Low Not required Partial Partial Partial
Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the org.apache.commons.ssl.rmi.DateRMI Java class, because (upon instantiation) it creates an RMI server that listens on a TCP port and deserializes objects sent by TCP clients.
14 CVE-2017-9805 502 Exec Code 2017-09-15 2017-11-09
6.8
None Remote Medium Not required Partial Partial Partial
The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
15 CVE-2017-9785 502 Exec Code CSRF 2017-07-20 2017-07-25
7.5
None Remote Low Not required Partial Partial Partial
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.
16 CVE-2017-9424 502 Exec Code 2017-06-22 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization.
17 CVE-2017-9363 502 Exec Code 2017-06-02 2017-06-09
7.5
None Remote Low Not required Partial Partial Partial
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request.
18 CVE-2017-8829 502 Exec Code 2017-05-08 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.
19 CVE-2017-8804 502 DoS 2017-05-07 2017-05-15
7.8
None Remote Low Not required None None Complete
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779.
20 CVE-2017-7504 502 Exec Code 2017-05-19 2017-06-02
7.5
None Remote Low Not required Partial Partial Partial
HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized data.
21 CVE-2017-5983 502 DoS Exec Code 2017-04-10 2017-04-14
7.5
None Remote Low Not required Partial Partial Partial
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
22 CVE-2017-5954 502 Exec Code Bypass 2017-02-10 2017-03-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
23 CVE-2017-5941 502 Exec Code Bypass 2017-02-09 2017-02-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
24 CVE-2017-5929 502 2017-03-13 2017-03-13
7.5
None Remote Low Not required Partial Partial Partial
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
25 CVE-2017-5878 502 Exec Code 2017-06-08 2017-06-28
7.5
None Remote Low Not required Partial Partial Partial
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.
26 CVE-2017-5645 502 Exec Code 2017-04-17 2017-04-24
7.5
None Remote Low Not required Partial Partial Partial
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
27 CVE-2017-4914 502 Exec Code 2017-06-07 2017-08-12
7.5
None Remote Low Not required Partial Partial Partial
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.
28 CVE-2017-3159 502 2017-03-07 2017-06-08
7.5
None Remote Low Not required Partial Partial Partial
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.
29 CVE-2017-3066 502 Exec Code 2017-04-27 2017-07-10
7.5
None Remote Low Not required Partial Partial Partial
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.
30 CVE-2017-2295 502 Exec Code 2017-07-05 2017-11-03
6.0
None Remote Medium Single system Partial Partial Partial
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML.
31 CVE-2017-2292 502 Exec Code 2017-06-30 2017-09-05
7.5
None Remote Low Not required Partial Partial Partial
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior.
32 CVE-2017-0903 502 Exec Code Bypass 2017-10-11 2017-11-12
7.5
None Remote Low Not required Partial Partial Partial
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.
33 CVE-2016-10304 502 DoS 2017-04-10 2017-04-14
4.0
None Remote Low Single system None None Partial
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.
34 CVE-2016-9865 502 Bypass 2016-12-10 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
35 CVE-2016-9571 502 2017-03-07 2017-03-08
7.5
None Remote Low Not required Partial Partial Partial
Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialization vulnerability. Camel allows to specify such a type through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues.
36 CVE-2016-8749 502 Exec Code 2017-03-28 2017-06-08
7.5
None Remote Low Not required Partial Partial Partial
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.
37 CVE-2016-8744 502 Exec Code 2017-09-13 2017-09-29
9.0
None Remote Low Single system Complete Complete Complete
Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type available on the classpath. This could provide an authenticated user with a means to cause the JVM running Brooklyn to load and run Java code without detection by Brooklyn. Such code would have the privileges of the Java process running Brooklyn, including the ability to open files and network connections, and execute system commands. There is known to be a proof-of-concept exploit using this vulnerability.
38 CVE-2016-8736 502 Exec Code 2017-10-12 2017-10-24
7.5
None Remote Low Not required Partial Partial Partial
Apache Openmeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.
39 CVE-2016-7124 502 DoS 2016-09-11 2017-11-02
7.5
None Remote Low Not required Partial Partial Partial
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
40 CVE-2016-7065 502 DoS Exec Code 2016-10-13 2016-12-22
6.5
None Remote Low Single system Partial Partial Partial
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object.
41 CVE-2016-7050 502 Exec Code 2017-06-08 2017-06-16
7.5
None Remote Low Not required Partial Partial Partial
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
42 CVE-2016-6809 502 Exec Code 2017-04-06 2017-04-12
7.5
None Remote Low Not required Partial Partial Partial
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.
43 CVE-2016-6793 502 DoS Exec Code 2017-07-17 2017-08-04
6.4
None Remote Low Not required None Partial Partial
The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.7 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object.
44 CVE-2016-6620 502 Exec Code 2016-12-10 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
45 CVE-2016-6330 502 Exec Code 2016-09-27 2016-12-23
9.0
None Remote Low Not required Partial Partial Complete
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3737.
46 CVE-2016-6199 502 Exec Code 2017-02-07 2017-02-13
7.5
None Remote Low Not required Partial Partial Partial
ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object.
47 CVE-2016-5019 502 2016-10-03 2017-10-19
7.5
None Remote Low Not required Partial Partial Partial
CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string.
48 CVE-2016-5003 502 Exec Code 2017-10-27 2017-11-15
7.5
None Remote Low Not required Partial Partial Partial
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.
49 CVE-2016-4978 502 Exec Code 2016-09-27 2016-09-28
6.0
None Remote Medium Single system Partial Partial Partial
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
50 CVE-2016-4385 502 Exec Code 2016-09-29 2017-11-02
7.5
None Remote Low Not required Partial Partial Partial
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
Total number of vulnerabilities : 58   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.