Total
1964 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33207 | 1 Softwareag | 1 Mashzone Nextgen | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code. | |||||
| CVE-2021-33176 | 1 Octavolabs | 1 Vernemq | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the operating system. | |||||
| CVE-2021-33175 | 1 Emqx | 1 Emq X Broker | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the operating system. | |||||
| CVE-2021-33026 | 1 Flask-caching Project | 1 Flask-caching | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code. NOTE: a third party indicates that exploitation is extremely unlikely unless the machine is already compromised; in other cases, the attacker would be unable to write their payload to the cache and generate the required collision | |||||
| CVE-2021-32935 | 1 Cognex | 1 In-sight Opc Server | 2024-11-21 | 10.0 HIGH | 8.8 HIGH |
| The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation. | |||||
| CVE-2021-32836 | 1 Zstack | 1 Zstack | 2024-11-21 | 6.8 MEDIUM | 7.5 HIGH |
| ZStack is open source IaaS(infrastructure as a service) software. In ZStack before versions 3.10.12 and 4.1.6 there is a pre-auth unsafe deserialization vulnerability in the REST API. An attacker in control of the request body will be able to provide both the class name and the data to be deserialized and therefore will be able to instantiate an arbitrary type and assign arbitrary values to its fields. This issue may lead to a Denial Of Service. If a suitable gadget is available, then an attacker may also be able to exploit this vulnerability to gain pre-auth remote code execution. For additional details see the referenced GHSL-2021-087. | |||||
| CVE-2021-32828 | 1 Hyland | 1 Nuxeo | 2024-11-21 | N/A | 5.4 MEDIUM |
| The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automation API. | |||||
| CVE-2021-32824 | 1 Apache | 1 Dubbo | 2024-11-21 | N/A | 9.8 CRITICAL |
| Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main service port can be used to access a Telnet Handler which offers some basic methods to collect information about the providers and methods exposed by the service and it can even allow to shutdown the service. This endpoint is unprotected. Additionally, a provider method can be invoked using the `invoke` handler. This handler uses a safe version of FastJson to process the call arguments. However, the resulting list is later processed with `PojoUtils.realize` which can be used to instantiate arbitrary classes and invoke its setters. Even though FastJson is properly protected with a default blocklist, `PojoUtils.realize` is not, and an attacker can leverage that to achieve remote code execution. Versions 2.6.10 and 2.7.10 contain fixes for this issue. | |||||
| CVE-2021-32742 | 1 Vapor Project | 1 Vapor | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the `Data.init(base32Encoded:)` function opens up the potential for exposing server memory and/or crashing the server (Denial of Service) for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that use the impacted function directly or through other dependencies. The vulnerability is patched in version 4.47.2. As a workaround, one may use an alternative to Vapor's built-in `Data.init(base32Encoded:)`. | |||||
| CVE-2021-32634 | 1 Nsa | 1 Emissary | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Emissary is a distributed, peer-to-peer, data-driven workflow framework. Emissary 6.4.0 is vulnerable to Unsafe Deserialization of post-authenticated requests to the [`WorkSpaceClientEnqueue.action`](https://github.com/NationalSecurityAgency/emissary/blob/30c54ef16c6eb6ed09604a929939fb9f66868382/src/main/java/emissary/server/mvc/internal/WorkSpaceClientEnqueueAction.java) REST endpoint. This issue may lead to post-auth Remote Code Execution. This issue has been patched in version 6.5.0. As a workaround, one can disable network access to Emissary from untrusted sources. | |||||
| CVE-2021-32568 | 1 Mrdoc | 1 Mrdoc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| mrdoc is vulnerable to Deserialization of Untrusted Data | |||||
| CVE-2021-32098 | 1 Artica | 1 Pandora Fms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization. | |||||
| CVE-2021-32075 | 1 Re-logic | 1 Terraria | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization. | |||||
| CVE-2021-31819 | 1 Octopus | 1 Halibut | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification. | |||||
| CVE-2021-31681 | 1 Ultralytics | 1 Yolov3 | 2024-11-21 | N/A | 7.8 HIGH |
| Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary code via crafted yaml file. | |||||
| CVE-2021-31680 | 1 Ultralytics | 1 Yolov5 | 2024-11-21 | N/A | 7.8 HIGH |
| Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary code via crafted yaml file. | |||||
| CVE-2021-31649 | 1 Jfinal | 1 Jfinal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerable to remote code execute | |||||
| CVE-2021-31474 | 1 Solarwinds | 1 Network Performance Monitor | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12213. | |||||
| CVE-2021-30179 | 1 Apache | 1 Dubbo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the Java Reflection API to make the final call. The signature for the $invoke or $invokeAsync methods is Ljava/lang/String;[Ljava/lang/String;[Ljava/lang/Object; where the first argument is the name of the method to invoke, the second one is an array with the parameter types for the method being invoked and the third one is an array with the actual call arguments. In addition, the caller also needs to set an RPC attachment specifying that the call is a generic call and how to decode the arguments. The possible values are: - true - raw.return - nativejava - bean - protobuf-json An attacker can control this RPC attachment and set it to nativejava to force the java deserialization of the byte array located in the third argument. | |||||
| CVE-2021-30128 | 1 Apache | 1 Ofbiz | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Apache OFBiz has unsafe deserialization prior to 17.12.07 version | |||||