Total
1621 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8862 | 2 H2o, H2oai | 2 H2o, H2o-3 | 2024-09-20 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-44902 | 1 Thinkphp | 1 Thinkphp | 2024-09-20 | 9.8 Critical |
| A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. | ||||
| CVE-2024-5998 | 1 Langchain | 1 Langchain | 2024-09-20 | N/A |
| A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product. | ||||
| CVE-2024-35515 | 1 Sqlitedict | 1 Sqlitedict | 2024-09-20 | 9.8 Critical |
| Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code. | ||||
| CVE-2024-8375 | 2024-09-20 | N/A | ||
| There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance. Afterwards, Reverb copies the content in tensor_content to the previously mentioned pre-allocated memory, which results in the bytes in tensor_content overwriting the vtable pointers of all the objects which were previously allocated. Reverb exposes 2 relevant gRPC endpoints: InsertStream and SampleStream. The attacker can insert this stream into the server’s database, then when the client next calls SampleStream they will unpack the tensor into RAM, and when any method on that object is called (including its destructor) the attacker gains control of the Program Counter. We recommend upgrading past git commit https://github.com/google-deepmind/reverb/commit/6a0dcf4c9e842b7f999912f792aaa6f6bd261a25 | ||||
| CVE-2024-37288 | 1 Elastic | 1 Kibana | 2024-09-17 | 9.9 Critical |
| A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security’s built-in AI tools https://www.elastic.co/guide/en/security/current/ai-for-security.html and have configured an Amazon Bedrock connector https://www.elastic.co/guide/en/security/current/assistant-connect-to-bedrock.html . | ||||
| CVE-2024-28991 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-17 | 9 Critical |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution. | ||||
| CVE-2024-29847 | 1 Ivanti | 1 Endpoint Manager | 2024-09-17 | 9.8 Critical |
| Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | ||||
| CVE-2024-45855 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 7.1 High |
| Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when using ‘finetune’ on it. | ||||
| CVE-2024-45854 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 7.1 High |
| Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when a ‘describe’ query is run on it. | ||||
| CVE-2024-45853 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 7.1 High |
| Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when used for a prediction. | ||||
| CVE-2024-45852 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 8.8 High |
| Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded model to run arbitrary code on the server when interacted with. | ||||
| CVE-2024-41874 | 1 Adobe | 1 Coldfusion | 2024-09-16 | 9.8 Critical |
| ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability by providing crafted input to the application, which when deserialized, leads to execution of malicious code. Exploitation of this issue does not require user interaction. | ||||
| CVE-2024-43931 | 1 Eyecix | 1 Jobsearch Wp Job Board | 2024-09-13 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3. | ||||
| CVE-2024-45857 | 1 Cleanlab | 1 Cleanlab | 2024-09-12 | 7.8 High |
| Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the data directory is loaded. | ||||
| CVE-2023-37227 | 1 Loftware | 1 Spectrum | 2024-09-10 | 9.8 Critical |
| Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data. | ||||
| CVE-2024-8255 | 1 Deltaww | 2 Dtn Soft, Dtnsoft | 2024-09-06 | 9.8 Critical |
| Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | ||||
| CVE-2024-45758 | 1 H2oai | 1 H2o-3 | 2024-09-06 | 9.1 Critical |
| H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors. | ||||
| CVE-2024-43242 | 2 Azzaroco, Wpindeed | 2 Ultimate Membership Pro, Ultimate Membership Pro | 2024-09-06 | 9 Critical |
| Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection.This issue affects Ultimate Membership Pro: from n/a through 12.6. | ||||
| CVE-2024-7435 | 1 Wpattire | 1 Attire Blocks | 2024-09-03 | 8.8 High |
| The Attire theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.6 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||