Virtualjdbc extension of SAP Hybris Commerce Cloud uses unsafe java deserialization and it's vulnerable to deserialization attacks. An attacker could exploit this vulnerability using specially-crafted serialized data to execute arbitrary code on the system or to perform a denial of service attack.
Upgrade to the latest version of SAP Hybris.
WordPress Plugin Catch Themes Demo Import Remote Code Execution (2.1)
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)
SAP NetWeaver ConfigServlet remote command execution
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Remote Code Execution (2.4.21)
Drupal 7 arbitrary PHP code execution and information disclosure