Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 302— Search: 反序列化×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
FreeScout Deserialization Vulnerability (CVE-2025-4800) Advisory
github.com · 2025-05-30

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Deserialization of Untrusted Data - **CVE ID**: CVE-2025-4800 - **CVSS v4.0 Base Metrics**: - **Severity**:…

Read more
Microsoft SharePoint Server Deserialization RCE Vulnerability (CVE-2025-30378)
msrc.microsoft.com · 2025-05-15

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Name**: Microsoft SharePoint Server Remote Code Execution Vulnerability - **CVE I…

Read more
Capco Symfony Unserialization Vulnerability Fix (allowed_classes=false)
github.com · 2025-05-15

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Submission Details**: - Submission ID: 812f2a7 - Submitters: TeaAlex and cap-collectif-github-b…

Read more
Airiana Insecure Deserialization Vulnerability (RCE) via pickle.load()
github.com · 2025-05-17

### Critical Vulnerability Information #### Vulnerability Type - **Unsafe Deserialization**: Remote Code Execution (RCE) via `pickle.load()`. #### Vulnerability Description - The script loads data fro…

Read more
Airiana Insecure Deserialization via pickle.load() Leading to RCE
github.com · 2025-05-17

### Key Information #### Vulnerability Description - **Vulnerability Type**: Insecure Deserialization - **Impact**: Remote Code Execution (RCE) via `pickle.load()` #### Vulnerability Cause - The scrip…

Read more
GHSL-2025-012/022: Command Injection and Deserialization Vulnerabilities Leading to RCE
securitylab.github.com · 2025-05-07

### Key Vulnerability Information #### Vulnerability IDs - GHSL-2025-012 - GHSL-2025-022 - CVE-2025-43842 - CVE-2025-43852 #### Vulnerability Types - Command Injection - Code Injection - Deserializati…

Read more
CVE-2023-3275: BentoML Runner Server Insecure Deserialization RCE
github.com · 2025-04-10

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Insecure deserialization leading to Remote Code Execution (RCE) - **Affected Versions**: >=1.0, <1.4.8 - **Fixed Version**: 1.…

Read more
OPEN BizRobo! Vulnerability Advisory: RCE via XStream Deserialization and Hardcoded Keys
jvn.jp · 2025-04-12

### Critical Vulnerability Information #### Vulnerability Overview - **JVN ID**: JVN#30641875 - **Title**: Multiple Vulnerabilities in BizRobo! - **Release Date**: 2025/04/10 - **Update Date**: 2025/0…

Read more
Design Studio Java Deserialization RCE via License Server
knowledge.bizrobo.com · 2025-04-12

### Critical Vulnerability Information #### Title Arbitrary Code Execution on MC License Server via Java Deserialization in Design Studio License Authentication by Product User #### Affected Version -…

Read more
Subnet Solutions PowerSYSTEM Center Out-of-Bounds Read & Deserialization Vulnerabilities (CVE-2025-3135)
www.cisa.gov · 2025-04-12

### Critical Vulnerability Information #### 1. Vulnerability Overview - **Release Date**: April 10, 2025 - **Alert ID**: ICSA-25-100-08 - **Relevant Topics**: Industrial Control System Vulnerabilities…

Read more
CVE-2023-31129: jooby-pac4j Untrusted Data Deserialization RCE
github.com · 2025-04-02

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Name**: jooby-pac4j: deserialization of untrusted data - **CVE ID**: CVE-2023-31129 - **CVSS Score**: 8.8/10 (High)…

Read more
a-blog cms Untrusted Data Deserialization Vulnerability (CVE-2025-31103) Advisory
jvn.jp · 2025-04-01

### Key Information - **Vulnerability ID**: JVN#66982699 - **Vulnerability Type**: Untrusted Data Deserialization (CWE-502) - **Affected Products**: - a-blog cms versions prior to Ver.3.1.37 (Ver.3.1.…

Read more
Philips IntelliSpace Portal .NET Deserialization RCE (CVE-2025-3425)
www.cve.org · 2025-04-09

## Critical Vulnerability Information - **CVE ID**: CVE-2025-3425 - **Release Date**: 2025-04-07 - **Update Date**: 2025-04-07 - **Title**: Unauthenticated Remote Code Execution Via .NET Deserializati…

Read more
Fastjson Deserialization RCE in SysGeneratorController
github.com · 2025-04-09

### Critical Vulnerability Information #### Vulnerability Location - In the `SysGeneratorController.java` class, at the `@RequestMapping("/code")` endpoint, specifically at the `JSON.parseArray(tables…

Read more
Veritas Enterprise Vault Deserialization RCE Vulnerability (VTS24-014)
www.veritas.com · 2024-11-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability ID and Title**: - Vulnerability ID: VTS24-014 - Vulnerability Title: Remote Code…

Read more
Hugging Face Transformers Untrusted Data Deserialization RCE (CVE-2024-11392)
www.zerodayinitiative.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: (0Day) Hugging Face Transformers MobileViTV2 Deserialization of Untruste…

Read more
CVE-2023-51641: Allegra renderFieldMatch Untrusted Data Deserialization RCE
www.zerodayinitiative.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code E…

Read more
Allegra loadFieldMatch Deserialization RCE (CVE-2023-51642)
www.zerodayinitiative.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Exe…

Read more
Siemens Engineering Platforms Session-Memory Deserialization Vulnerability (SSA-871035)
cert-portal.siemens.com · 2024-11-17

### Key Information #### Vulnerability Description - **Vulnerability ID**: SSA-871035 - **Vulnerability Name**: Session-Memory Deserialization Vulnerability - **Affected Products**: Siemens Engineerin…

Read more
Siemens TeleControl Server Basic V3.1 Insecure Deserialization Vulnerability (CVSS 10.0)
cert-portal.siemens.com · 2024-11-17

### SSA-454789: Deserialization Vulnerability in TeleControl Server Basic V3.1 #### Key Information from the Webpage: 1. **Publication Date:** - 2024-11-12 2. **Last Update:** - 2024-11-12 3. **Curren…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.