Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system services that support license key management and deprecated Windows netwo
Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoti
CVE-2025-47732
CRITICAL CVSS 9.8
Find Similar
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
CVE-2026-0611
CRITICAL CVSS 9.2
Find Similar
Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.
CVE-2024-10456
CRITICAL CVSS 9.3
Find Similar
Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET
CVE-2025-54539
CRITICAL CVSS 9.8
Find Similar
A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishi
CVE-2026-25550
CRITICAL CVSS 9.3
Find Similar
Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The servi
The Print Service component of Fiserv Originate Loans Peripherals (formerly Velocity Services) in unsupported version 2021.2.4 (build 4.7.3155.0011) uses deprecated .NET Remoting TCP channels that all
Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005 through 4.8.0-beta00016. An attacker
CVE-2025-59287
CRITICAL CVSS 9.8 KEV
Find Similar
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
CVE-2025-53770
CRITICAL CVSS 9.8 KEV
Find Similar
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exist
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12, the patch introduced to mitigate DB2 JDBC deserialization remote code execution attacks only b
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
Page 1+ Next →