Weaknesses of type CWE-502

2,250 results
CVE-2024-1792HIGHCMB2 <= 2.10.1 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.8%CVE-2026-25917HIGHApache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)EPSS 0.8%CVE-2026-2970LOWdatapizza-labs datapizza-ai cache.py RedisCache deserializationEPSS 0.8%CVE-2024-2025HIGHBuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages <= 3.4.20 - Authenticated (Subscriber+) PHP Object Injection in get_simple_requestEPSS 0.8%CVE-2025-29783CRITICALvLLM Allows Remote Code Execution via Mooncake IntegrationEPSS 0.8%CVE-2025-1913HIGHProduct Import Export for WooCommerce <= 2.5.0 - Authenticated (Admin+) PHP Object Injection via form_data ParameterEPSS 0.8%CVE-2023-40595HIGHRemote Code Execution via Serialized Session PayloadEPSS 0.8%CVE-2024-3740MEDIUMcym1102 nginxWebUI reload exec deserializationEPSS 0.8%CVE-2026-24892HIGHopenITCOCKPIT has Unsafe Deserialization in openITCOCKPIT Changelog HandlingEPSS 0.8%CVE-2024-1770HIGHMeta Tag Manager <= 3.0.2 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.8%CVE-2024-43191HIGHIBM ManageIQ command executionEPSS 0.8%CVE-2024-2693HIGHLink Whisper Free <= 0.7.1 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.8%CVE-2026-27727HIGHmchange-commons-java: Remote Code Execution via JNDI Reference ResolutionEPSS 0.8%CVE-2024-48206CRITICALA Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of arbitrary code.EPSS 0.8%CVE-2024-9314HIGHRank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object InjectionEPSS 0.8%CVE-2026-31072CRITICALThe JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerable to Remote Code Execution (RCEPSS 0.8%CVE-2026-39253HIGHAn issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.ClEPSS 0.8%CVE-2025-43851HIGHGHSL-2025-021_Retrieval-based-Voice-Conversion-WebUIEPSS 0.8%CVE-2025-43852HIGHGHSL-2025-022_Retrieval-based-Voice-Conversion-WebUIEPSS 0.8%CVE-2024-23636CRITICALSOFARPC Remote Command Execution(RCE) VulnerbilityEPSS 0.8%