Weaknesses of type CWE-502

2,250 results
CVE-2025-30773HIGHWordPress TranslatePress plugin <= 2.9.6 - PHP Object Injection VulnerabilityEPSS 0.7%CVE-2024-20150HIGHIn Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution prEPSS 0.7%CVE-2025-34491HIGHGFI MailEssentials < 21.8 MultiNode Insecure DeserializationEPSS 0.7%CVE-2024-10095HIGHProgress UI for WPF format provider unsafe deserialization vulnerabilityEPSS 0.7%CVE-2024-1353MEDIUMPHPEMS index.api.php index deserializationEPSS 0.7%CVE-2025-2000CRITICALQiskit SDK code executionEPSS 0.7%CVE-2022-2440HIGHTheme Editor <= 2.8 - Authenticated (Admin+) PHAR DeserializationEPSS 0.7%CVE-2026-27206HIGHZumba Json Serializer has a potential PHP Object Injection via Unrestricted @type in unserialize()EPSS 0.7%CVE-2026-26222CRITICALDocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCEEPSS 0.7%CVE-2025-6811CRITICALMescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.7%CVE-2025-6810CRITICALMescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.7%CVE-2025-11622HIGHInsecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privilegEPSS 0.7%CVE-2025-42980CRITICALInsecure Deserialization in SAP NetWeaver Enterprise Portal Federated Portal NetworkEPSS 0.7%CVE-2026-23946MEDIUMTendenci has Authenticated Remote Code Execution via Pickle DeserializationEPSS 0.7%CVE-2023-46154MEDIUMWordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2025-39565MEDIUMWordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection VulnerabilityEPSS 0.7%CVE-2024-1198MEDIUMopenBI Phar User.php addxinzhi deserializationEPSS 0.7%CVE-2026-25550CRITICALSeagull Software BarTender Unauthenticated RCE via .NET Remoting ServiceEPSS 0.7%CVE-2023-7018CRITICALDeserialization of Untrusted Data in huggingface/transformersEPSS 0.7%CVE-2023-49772CRITICALWordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object InjectionEPSS 0.7%