| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2023-32336 |
502 |
|
Exec Code |
2023-05-22 |
2023-05-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285. |
|
2 |
CVE-2023-31890 |
502 |
|
Exec Code |
2023-05-16 |
2023-05-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter. |
|
3 |
CVE-2023-31058 |
502 |
|
Bypass |
2023-05-22 |
2023-05-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the
'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick
https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it.
|
|
4 |
CVE-2023-30899 |
502 |
|
Exec Code |
2023-05-09 |
2023-05-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Management Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system. |
|
5 |
CVE-2023-30898 |
502 |
|
Exec Code |
2023-05-09 |
2023-05-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system. |
|
6 |
CVE-2023-29216 |
502 |
|
Exec Code |
2023-04-10 |
2023-04-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Linkis <=1.3.1, because the parameters are not
effectively filtered, the attacker uses the MySQL data source and malicious parameters to
configure a new data source to trigger a deserialization vulnerability, eventually leading to
remote code execution.
Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
|
|
7 |
CVE-2023-29215 |
502 |
|
Exec Code |
2023-04-10 |
2023-04-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Linkis <=1.3.1, due to the lack of effective filtering
of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a
deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
|
|
8 |
CVE-2023-29006 |
502 |
|
Exec Code |
2023-04-05 |
2023-04-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Order GLPI plugin allows users to manage order management within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to standard interface can craft an URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the `ajax/dropdownContact.php` file from the plugin. |
|
9 |
CVE-2023-28667 |
502 |
|
|
2023-03-22 |
2023-03-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue. The tve_labels parameter of the tve_api_form_submit action is passed to the PHP unserialize() function without being sanitized or verified, and as a result could lead to PHP object injection, which when combined with certain class implementations / gadget chains could be leveraged to perform a variety of malicious actions granted a POP chain is also present. |
|
10 |
CVE-2023-28500 |
502 |
|
Exec Code +Priv |
2023-04-06 |
2023-04-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. Adobe LiveCycle ES4 version 11.0.1 and later may be vulnerable if the application is installed with Java environment 7u21 and earlier. Exploitation of the vulnerability depends on two factors: insecure deserialization methods used in the Adobe LiveCycle application, and the use of Java environments 7u21 and earlier. The code execution is performed in the context of the account that is running the Adobe LiveCycle application. If the account is privileged, exploitation provides privileged access to the operating system. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
11 |
CVE-2023-28115 |
502 |
|
Exec Code |
2023-03-17 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the `file_exists()` function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution especially when snappy is used with frameworks with documented POP chains like Laravel/Symfony vulnerable developer code. If a user can control the output file from the `generateFromHtml()` function, it will invoke deserialization. This vulnerability is capable of remote code execution if Snappy is used with frameworks or developer code with vulnerable POP chains. It has been fixed in version 1.4.2. |
|
12 |
CVE-2023-27978 |
502 |
|
Exec Code |
2023-03-21 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). |
|
13 |
CVE-2023-27296 |
502 |
|
|
2023-03-27 |
2023-03-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick [2] to solve it. [1] https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html [2] https://github.com/apache/inlong/pull/7422 https://github.com/apache/inlong/pull/7422 |
|
14 |
CVE-2023-27068 |
502 |
|
|
2023-05-23 |
2023-05-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote attackers to run arbitrary code via ValidationResult.aspx. |
|
15 |
CVE-2023-26779 |
502 |
|
Exec Code |
2023-03-03 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution (RCE). |
|
16 |
CVE-2023-26548 |
502 |
|
|
2023-03-27 |
2023-04-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability. |
|
17 |
CVE-2023-26547 |
502 |
|
|
2023-03-27 |
2023-04-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. |
|
18 |
CVE-2023-26464 |
502 |
|
DoS |
2023-03-10 |
2023-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED **
When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply nested)
hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized.
This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
|
|
19 |
CVE-2023-26359 |
502 |
|
Exec Code |
2023-03-23 |
2023-03-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. |
|
20 |
CVE-2023-26326 |
502 |
|
|
2023-02-23 |
2023-03-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated insecure deserialization issue. An unauthenticated attacker could leverage this issue to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. |
|
21 |
CVE-2023-26234 |
502 |
|
|
2023-02-21 |
2023-03-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance. |
|
22 |
CVE-2023-25558 |
502 |
|
Exec Code |
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
DataHub is an open-source metadata platform. When the DataHub frontend is configured to authenticate via SSO, it will leverage the pac4j library. The processing of the `id_token` is done in an unsafe manner which is not properly accounted for by the DataHub frontend. Specifically, if any of the id_token claims value start with the {#sb64} prefix, pac4j considers the value to be a serialized Java object and will deserialize it. This issue may lead to Remote Code Execution (RCE) in the worst case. Although a `RestrictedObjectInputStream` is in place, that puts some restriction on what classes can be deserialized, it still allows a broad range of java packages and potentially exploitable with different gadget chains. Users are advised to upgrade. There are no known workarounds. This vulnerability was discovered and reported by the GitHub Security lab and is tracked as GHSL-2022-086. |
|
23 |
CVE-2023-25194 |
502 |
|
|
2023-02-07 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A possible security vulnerability has been identified in Apache Kafka Connect. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka 2.3.0. When configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath. Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector client override policy that permits them. Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0. We advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally, in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot. |
|
24 |
CVE-2023-25135 |
502 |
|
Exec Code |
2023-02-03 |
2023-02-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors. The fixed versions are 5.6.7 PL1, 5.6.8 PL1, and 5.6.9 PL1. |
|
25 |
CVE-2023-24997 |
502 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it. |
|
26 |
CVE-2023-24162 |
502 |
|
Exec Code |
2023-01-31 |
2023-02-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter. |
|
27 |
CVE-2023-23836 |
502 |
|
Exec Code |
2023-02-15 |
2023-02-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands. |
|
28 |
CVE-2023-23638 |
502 |
|
Exec Code |
2023-03-08 |
2023-03-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions. |
|
29 |
CVE-2023-22850 |
502 |
|
|
2023-01-14 |
2023-01-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call. |
|
30 |
CVE-2023-20944 |
502 |
|
|
2023-02-28 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 |
|
31 |
CVE-2023-20878 |
502 |
|
Exec Code |
2023-05-12 |
2023-06-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. |
|
32 |
CVE-2023-20864 |
502 |
|
Exec Code |
2023-04-20 |
2023-05-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. |
|
33 |
CVE-2023-20853 |
502 |
|
Exec Code |
2023-04-27 |
2023-05-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ asynchronized message process. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service. |
|
34 |
CVE-2023-20852 |
502 |
|
Exec Code |
2023-04-27 |
2023-05-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service. |
|
35 |
CVE-2023-20102 |
502 |
|
Exec Code |
2023-04-05 |
2023-04-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the administrator user. |
|
36 |
CVE-2023-2500 |
502 |
|
Exec Code |
2023-05-25 |
2023-05-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'go_pricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. |
|
37 |
CVE-2023-2288 |
502 |
|
|
2023-05-30 |
2023-06-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before performing file operations on them. This leads to a PHAR deserialization vulnerability on PHP < 8.0 using the phar:// stream wrapper. |
|
38 |
CVE-2023-2141 |
502 |
|
Exec Code |
2023-04-21 |
2023-05-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
|
|
39 |
CVE-2023-2042 |
502 |
|
|
2023-04-14 |
2023-04-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225920. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
|
40 |
CVE-2023-1967 |
502 |
|
|
2023-04-27 |
2023-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid. |
|
41 |
CVE-2023-1876 |
502 |
|
|
2023-04-05 |
2023-04-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data in GitHub repository microweber/microweber prior to 1.3.3. |
|
42 |
CVE-2023-1669 |
502 |
|
|
2023-05-02 |
2023-05-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. |
|
43 |
CVE-2023-1650 |
502 |
|
|
2023-05-08 |
2023-05-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog |
|
44 |
CVE-2023-1552 |
502 |
|
Exec Code |
2023-04-11 |
2023-04-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configuration file. Two CVSS scores have been provided to capture the differences between the two aforementioned attack vectors.
Customers are advised to update to ToolboxST 7.10 which can be found in ControlST 7.10. If unable to update at this time customers should ensure they are following the guidance laid out in GE Gas Power's Secure Deployment Guide (GEH-6839). Customers should ensure they are not running ToolboxST as an Administrative user. |
|
45 |
CVE-2023-1549 |
502 |
|
|
2023-05-15 |
2023-05-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present |
|
46 |
CVE-2023-1399 |
502 |
|
Exec Code |
2023-03-27 |
2023-04-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution. |
|
47 |
CVE-2023-1381 |
502 |
|
Exec Code |
2023-04-10 |
2023-04-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution. |
|
48 |
CVE-2023-1347 |
502 |
|
|
2023-05-08 |
2023-05-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present |
|
49 |
CVE-2023-1196 |
502 |
|
|
2023-05-02 |
2023-05-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present. |
|
50 |
CVE-2023-1145 |
502 |
|
Exec Code |
2023-03-27 |
2023-03-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution. |
