Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Admin Columns <= 7.0.18 - Authenticated (Contributor+) PHP Object Injection to Remote Code Execution via Custom Field Meta Value
Seagull Software BarTender Deserialization Privilege Escalation via .NET Remoting Service
Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service
Apache Fory: Java ReplaceResolverSerializer deserialization checks bypass
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that la...
Apache MINA: Critical Deserialization Allow-list Bypass via resolveProxyClass - ZDRES-232
AIOHTTP Vulnerable to Deserialization of Untrusted Data
React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data
NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data
WordPress Askka theme <= 1.3.1 - PHP Object Injection vulnerability
WordPress Töbel theme <= 1.8.1 - PHP Object Injection vulnerability
WordPress Aperitif theme <= 1.6 - PHP Object Injection vulnerability
FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization
IBM WebSphere Application Server is affected by remote code execution
IBM WebSphere Application Server is affected by a remote code execution vulnerability
AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE via MessageQueue.recv() Pickle Deserialization
Logback deserialization whitelist bypass for Proxy objects
Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validator
Apache Airflow: Arbitrary import in custom deadline-reference deserialization
Showing 1 - 20 of 1,000+ results