Total
1621 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52432 | 2 Nix Solutions, Nixsolutions | 2 Nix Anti-spam Light, Nix Anti-spam Light | 2024-11-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through 0.0.4. | ||||
| CVE-2024-52433 | 1 Mindstien | 1 My Geo Posts Free | 2024-11-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2. | ||||
| CVE-2024-10828 | 1 Algolplus | 2 Advanced Order Export, Advanced Order Export For Woocommerce | 2024-11-19 | 8.1 High |
| The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2021-3838 | 2 Dompdf, Dompdf Project | 2 Dompdf, Dompdf | 2024-11-19 | 9.8 Critical |
| DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution, especially when DOMPdf is used with frameworks with documented POP chains like Laravel or vulnerable developer code. | ||||
| CVE-2024-52414 | 1 Anthony Carbon | 1 Wdes Responsive Mobile Menu | 2024-11-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through 5.3.18. | ||||
| CVE-2024-52413 | 1 Dmc | 1 Airin Blog | 2024-11-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection.This issue affects Airin Blog: from n/a through 1.6.1. | ||||
| CVE-2024-52306 | 2 Backpackforlaravel, Laravel-backpack | 2 Filemanager, File Manager | 2024-11-19 | 7.7 High |
| FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9. | ||||
| CVE-2024-52412 | 1 Stephen Cui | 1 Xin | 2024-11-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1. | ||||
| CVE-2024-52411 | 1 Flowcraft Ux Design Studio | 1 Advanced Personalization | 2024-11-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced Personalization allows Object Injection.This issue affects Advanced Personalization: from n/a through 1.1.2. | ||||
| CVE-2024-52410 | 1 Phoenixheart | 1 Referrer Detector | 2024-11-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object Injection.This issue affects Referrer Detector: from n/a through 4.2.1.0. | ||||
| CVE-2024-52409 | 1 Ajax-random-post Project | 1 Ajax-random-post | 2024-11-18 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object Injection.This issue affects AJAX Random Posts: from n/a through 0.3.3. | ||||
| CVE-2024-44102 | 1 Siemens | 1 Telecontrol Server Basic | 2024-11-15 | 10 Critical |
| A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions < V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges. | ||||
| CVE-2024-37285 | 1 Elastic | 1 Kibana | 2024-11-15 | 9.1 Critical |
| A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#roles-indices-priv and Kibana privileges https://www.elastic.co/guide/en/fleet/current/fleet-roles-and-privileges.html assigned to them. The following Elasticsearch indices permissions are required * write privilege on the system indices .kibana_ingest* * The allow_restricted_indices flag is set to true Any of the following Kibana privileges are additionally required * Under Fleet the All privilege is granted * Under Integration the Read or All privilege is granted * Access to the fleet-setup privilege is gained through the Fleet Server’s service account token | ||||
| CVE-2024-10962 | 1 Wpvividplugins | 1 Migration Backup Staging Wpvivd Backup And Migration | 2024-11-15 | 8.8 High |
| The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replace_row_data' and 'replace_serialize_data' functions. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. An administrator must create a staging site to trigger the exploit. | ||||
| CVE-2024-8069 | 1 Citrix Session Recording | 1 Citrix Session Recording | 2024-11-15 | 8.8 High |
| Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server | ||||
| CVE-2024-7434 | 2 Ultrapress, Ultrapressorg | 2 Ultrapress, Ultrapress | 2024-11-13 | 8.8 High |
| The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.1 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||
| CVE-2024-7433 | 1 Ultrapress | 2 Empowerment, Empowerment Theme For Wordpress | 2024-11-13 | 8.8 High |
| The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||
| CVE-2024-7432 | 2 Ultrapress, Ultrapressorg | 2 Unseen Blog, Unseen Blog | 2024-11-13 | 8.8 High |
| The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||
| CVE-2024-47636 | 1 Eyecix | 1 Jobsearch Wp Job Board | 2024-11-12 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.9. | ||||
| CVE-2024-47074 | 1 Dataease | 1 Dataease | 2024-11-12 | 9.8 Critical |
| DataEase is an open source data visualization analysis tool. In Dataease, the PostgreSQL data source in the data source function can customize the JDBC connection parameters and the PG server target to be connected. In backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, PgConfiguration class don't filter any parameters, directly concat user input. So, if the attacker adds some parameters in JDBC url, and connect to evil PG server, the attacker can trigger the PG jdbc deserialization vulnerability, and eventually the attacker can execute through the deserialization vulnerability system commands and obtain server privileges. The vulnerability has been fixed in v1.18.25. | ||||