Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
Loftware Spectrum through 4.6 has unprotected JMX Registry.
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
Loftware Spectrum before 5.1 allows SSRF.
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code
Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the d
Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1.
Deserialization of Untrusted Data vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.
Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model.
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity
and potential remote code execution on workstation when a non-admin authenticated
Deserialization of Untrusted Data vulnerability in Crew HRM Crew HRM hr-management.This issue affects Crew HRM: from n/a through <= 1.1.1.
A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of arbitrary code.
Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through < 3.6.6.
Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon:
Page 1+ Next →