The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Sunday detailing active exploitation of a ...

Deserialization issues also affect Ruby, not just Java, PHP, and .NET Python, are you next? Written by Catalin Cimpanu, Contributor Nov. 10, 2018 at 1:35 a.m. PT ...

To show that the flaw they discovered can affect real-world apps, and is not just a theoretical threat, researchers identified: CVE-2017-9424 — a JSON deserialization flaw in Breeze, a .NET data ...

A zero-day vulnerability in Microsoft Corp.’s SharePoint with no known patch is being exploited in the wild as security ...

GitGuardian uncovers 260,000 leaked Laravel APP_KEYs on GitHub, exposing over 600 apps to remote code execution.

According to a recent security analysis by Foxglove Security suggests that applications using deserialization may be vulnerable to a zero-day exploit. This includes libraries including OpenJDK ...

Deserialization is the reversal of that process and like with most data parsing operations in software, it can be a source of vulnerabilities if users control the input.

An untrusted deserialization vulnerability has been disclosed in how Zend Framework can be used by attackers to achieve remote code execution on PHP sites. Portions of Laminas Project may also be ...

Serialization and deserialization of Hashtable. By Huw Evans ; September 12, 2000; JAVA PRIMER Using Java Object Serialization: A Few Pitfalls Huw Evans ...

Java Deserialization Flaw Patched in 19 Products. Among the most noteworthy aspects of the April CPU is the CVE-2016-1000031 Java flaw that is being patched across 19 Oracle products.