CVE & Exploit Intelligence Database

CVE-2020-24648 9.8 CRITICAL EPSS 0.22

A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

CWE-502 Oct 19, 2020

CVE-2020-7811 6.2 MEDIUM EPSS 0.00

Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication

CWE-502 Oct 12, 2020

CVE-2020-26867 9.8 CRITICAL EPSS 0.03

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.

CWE-502 Oct 12, 2020

CVE-2020-26945 8.1 HIGH EPSS 0.01

MyBatis before 3.5.6 mishandles deserialization of object streams.

CWE-502 Oct 10, 2020

CVE-2020-4280 8.8 HIGH EPSS 0.45

IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 176140.

CWE-502 Oct 08, 2020

CVE-2020-14030 7.2 HIGH EPSS 0.03

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET serialized format on the filesystem. By generating (and writing to the disk) malicious .NET serialized files, an attacker can trick the product into deserializing them, resulting in arbitrary code execution.

CWE-502 Sep 30, 2020

CVE-2020-15188 10.0 CRITICAL EPSS 0.05

SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328.

CWE-502 Sep 18, 2020

CVE-2020-24750 8.1 HIGH 3 PoCs Analysis EPSS 0.02

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.

CWE-502 Sep 17, 2020

CVE-2020-7532 7.8 HIGH EPSS 0.00

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer.

CWE-502 Sep 16, 2020

CVE-2020-7528 7.8 HIGH EPSS 0.00

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer.

CWE-502 Sep 16, 2020

CVE-2020-15172 8.7 HIGH 1 Writeup EPSS 0.00

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with `unload act` can render this exploit inaccessible.

CWE-502 Sep 15, 2020

CVE-2020-15148 8.9 HIGH 2 PoCs Analysis NUCLEI EPSS 0.93

Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory.

CWE-502 Sep 15, 2020

CVE-2020-4521 8.8 HIGH EPSS 0.13

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 182396.

CWE-502 Sep 15, 2020

CVE-2020-24164 7.8 HIGH EPSS 0.00

A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Serializable interface.

CWE-502 Sep 11, 2020

CVE-2020-25260 9.8 CRITICAL EPSS 0.02

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization.

CWE-502 Sep 11, 2020

CVE-2020-25259 9.8 CRITICAL EPSS 0.00

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses XML deserialization libraries in an unsafe manner.

CWE-502 Sep 11, 2020

CVE-2020-25258 9.8 CRITICAL EPSS 0.00

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages.

CWE-502 Sep 11, 2020

CVE-2014-1420 3.8 LOW EPSS 0.00

On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1.

CWE-502 Sep 11, 2020

CVE-2020-24034 8.8 HIGH EPSS 0.02

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.

CWE-502 Sep 01, 2020

CVE-2020-17405 8.8 HIGH EPSS 0.01

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10980.

CWE-502 Sep 01, 2020