Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through <= 3.9.50.
Deserialization of Untrusted Data vulnerability in Tijmen Smit WP Store Locator wp-store-locator allows Object Injection.This issue affects WP Store Locator: from n/a through <= 2.2.260.
CVE-2024-52443
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in masikonis Geolocator geolocator allows Object Injection.This issue affects Geolocator: from n/a through <= 1.1.
Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through <= 3.1.6.
CVE-2024-49318
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in Scott My Reading Library my-reading-library allows Object Injection.This issue affects My Reading Library: from n/a through <= 1.0.
CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-expose
CVE-2025-31631
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House fish-house allows Object Injection.This issue affects Fish House: from n/a through <= 1.2.7.
CVE-2025-31919
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.
Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue affects ThemeMove Core: from n/a through <= 1.4.2.
CVE-2024-48028
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 ip-loc8 allows Object Injection.This issue affects IP Loc8: from n/a through <= 1.1.
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.
Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite allows Object Injection.This issue affects Ajax Search Lite: from n/a through <= 4.13.3.
CVE-2024-56058
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in denniskravetstns VRPConnector vrpconnector allows Object Injection.This issue affects VRPConnector: from n/a through <= 2.0.1.
CVE-2025-58998
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in Cristián Lávaque s2Member s2member allows Object Injection.This issue affects s2Member: from n/a through <= 250701.
CVE-2025-39354
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference grandconference allows Object Injection.This issue affects Grand Conference: from n/a through <= 5.3.
CVE-2025-30973
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS coschool allows Object Injection.This issue affects CoSchool LMS: from n/a through <= 1.4.3.
Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer question-answer allows Object Injection.This issue affects Question Answer: from n/a through <= 1.2.73.
CVE-2025-49434
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through <= 1.4.2.
Deserialization of Untrusted Data vulnerability in designthemes Crafts & Arts crafts-and-arts allows Object Injection.This issue affects Crafts & Arts: from n/a through <= 2.5.
Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X-* before 7.X-1.15.
Page 1+ Next →