Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 302— Search: 反序列化×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
CVE-2020-1714 Keycloak Java Deserialization RCE Vulnerability Advisory
bugzilla.redhat.com · 2025-11-13

### Vulnerability Key Information - **CVE ID**: CVE-2020-1714 - **Vulnerability Type**: Lack of checks in ObjectInputStream leading to Remote Code Execution - **Reported Time**: 2019-05-03 10:27 UTC -…

Read more
Hutool XmlUtil Deserialization RCE Vulnerability Analysis
github.com · 2025-11-11

From the screenshot, the following key information about the vulnerability can be obtained: ### Vulnerability Description - **Vulnerability Type**: Deserialization vulnerability - **Affected Class**: …

Read more
CVE-2019-14892: jackson-databind Deserialization Vulnerability Fix
bugzilla.redhat.com · 2025-11-11

Based on the web page screenshot, the following are the key details regarding this vulnerability: - **Vulnerability ID and CVE Number**: - Bug ID: 1758171 - CVE Number: CVE-2019-14892 - **Vulnerabilit…

Read more
PrestaShop Phar Deserialization RCE (CVE-2018-19126/19125) with Exploit
www.exploit-db.com · 2025-11-12

### Vulnerability Information - **EDB-ID**: 45964 - **CVE**: - CVE-2018-19126 - CVE-2018-19125 - **Author**: FARISKHI VIDYAN - **Type**: WEBAPPS - **Platform**: PHP - **Date**: 2018-12-11 - **Vulnerab…

Read more
Simple Job Board 2.12.4 Patch Fixes Deserialization Vulnerability
plugins.trac.wordpress.org · 2025-11-12

### Key Information Summary #### Vulnerability Type - **Deserialization Vulnerability Fix** - The plugin removed usage of the `maybe_unserialize` function across multiple files, indicating that previo…

Read more
Wikimedia API format=php PHP Deserialization Vulnerability (CVE-2014-9277)
phabricator.wikimedia.org · 2025-11-12

### Vulnerability Key Information - **Vulnerability Name**: - `` mal ickkai allows injection in API format=php - **Status**: - Closed, Resolved - **Type**: - Security - **Impact Scope**: - API clients…

Read more
Fastjson 1.2.80 Deserialization Vulnerability Analysis with PoC
github.com · 2025-11-11

### Critical Vulnerability Information #### Vulnerability Type Fastjson Deserialization Vulnerability #### Affected Versions - Fastjson Version: 1.2.80 #### Vulnerability Description A Fastjson deseri…

Read more
PHP WDDX Extension Null Dereference Vulnerability Fix in Deserialization
github.com · 2025-11-11

- **Commit Information:** - **Commit ID:** a14fdb9 - **Author:** smalyshev - **Date:** Aug 11, 2016 - **Description:** Fix for bug #72790 and bug #72799 - **Bugs Fixed:** - Bug #72790: wddx_deserializ…

Read more
CVE-2016-1000031: Apache Commons FileUpload Deserialization RCE
issues.apache.org · 2025-11-10

## Critical Vulnerability Information - **CVE ID**: CVE-2016-1000031 - **Vulnerability Name**: Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution - **Component**: Commons F…

Read more
CVE-2017-7525: Jackson-databind Deserialization RCE Vulnerability Advisory
lists.apache.org · 2025-11-11

## Vulnerability Key Information - **CVE ID**: CVE-2017-7525 - **Component**: jackson-databind - **Version**: 3.11.4 and other versions (specifically: prior to 2.6.7.1, prior to 2.7.9.1, and prior to …

Read more
CVE-2020-9484: Apache Tomcat RCE via Session Persistence Deserialization
lists.apache.org · 2025-11-11

### Critical Vulnerability Information #### Vulnerability ID CVE-2020-9484 #### Vulnerability Type Apache Tomcat Remote Code Execution via session persistence #### Release Date May 20, 2020 #### Vulne…

Read more
SmartBear ReadyAPI jProductivity Unsafe Deserialization RCE (SYSS-2019-039)
seclists.org · 2025-11-10

**Vulnerability Details** - **Advisory ID:** SYSS-2019-039 - **Product:** Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro - **Manufacturer:** jProductivity LLC, SmartBear Software - **Affecte…

Read more
CVE-2021-33806: BdLib Minecraft Mod Deserialization Vulnerability
vuln.ryotak.me · 2025-11-10

# Advisory #46 | Title | BdLib (Minecraft Mod) deserialization of untrusted data in network stack | |--------------------------------------------------|------------------------------------------------…

Read more
Milestone XProtect .NET Remoting Deserialization Vulnerability Hotfix Advisory
supportcommunity.milestonesys.com · 2025-11-10

### Vulnerability Key Information - **Vulnerability Name**: XProtect® VMS: .NET security vulnerability (hotfixes for 2016 R1 - 2018 R1) - **Vulnerability Description**: - **Affected Components**: Reco…

Read more
Jackson Databind CVE-2020-35490/35491 Deserialization Vulnerability Advisory
github.com · 2025-11-10

## Vulnerability Key Information - **Vulnerability Type**: CVE - **CVE IDs**: - CVE-2020-35490 - CVE-2020-35491 - **Affected Component**: - `org.apache.commons:commons-dbcp2` - **Reporter**: Al1ex@kno…

Read more
jackson-databind Multiple CVE Deserialization Vulnerabilities Fix Advisory
lists.debian.org · 2025-11-09

### Vulnerability Key Information - **Package**: jackson-databind - **Version**: 2.4.2-2+deb8u14 - **CVE IDs**: CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020…

Read more
CVE-2021-29476: Insecure Deserialization in rmcue/requests
github.com · 2025-11-09

## Vulnerability Key Information ### Vulnerability Name - **Insecure Deserialization of untrusted data** ### Severity - **Critical** - **CVSS v3 base metrics:** - Attack vector: Network - Attack compl…

Read more
Red Hat JBoss BPM Suite Deserialization Vulnerability CVE-2018-8088 Security Update
access.redhat.com · 2025-11-09

### Key Information Summary - **Identifier**: RHSA-2018:2419 - **Security Severity**: Important - **Release Date**: 2018-08-15 - **Update Date**: 2018-08-15 #### Vulnerability Details - **Issue**: Red…

Read more
OpenStack Swift Insecure Deserialization via Pickle (CVE-2012-4406) Fix
bugs.launchpad.net · 2025-11-09

### Key Information Summary **Bug ID:** 1006414 **Reported by:** Thierry Carrez **Reported on:** 2012-05-30 **Affected Project:** OpenStack Object Storage (swift) **Status:** Fix Released **Importance…

Read more
RHSA-2015:2517: Red Hat Fuse Service Works fixes Commons Collections deserialization RCE (CVE-2015-7501)
rhn.redhat.com · 2025-11-09

- **Title**: RHSA-2015:2517 – Security Advisory - **Summary**: Critical: Red Hat Fuse Service Works 6.0.0 commons-collections Security Update - **Type/Severity**: Security Advisory: Critical - **Subje…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.