CWE-502 vulnerabilities

2257 results
CVE-2023-46154 | MEDIUM | WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection | EPSS 0.7%
CVE-2026-23946 | MEDIUM | Tendenci has Authenticated Remote Code Execution via Pickle Deserialization | EPSS 0.7%
CVE-2024-54135 | CRITICAL | Untrusted Deserialization in ClipBucket-v5 Version 2.0 to 5.5.1 Revision 199 | EPSS 0.7%
CVE-2025-39565 | MEDIUM | WordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection Vulnerability | EPSS 0.7%
CVE-2024-1198 | MEDIUM | openBI Phar User.php addxinzhi deserialization | EPSS 0.7%
CVE-2026-25550 | CRITICAL | Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service | EPSS 0.7%
CVE-2023-7018 | CRITICAL | Deserialization of Untrusted Data in huggingface/transformers | EPSS 0.7%
CVE-2023-49772 | CRITICAL | WordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object Injection | EPSS 0.7%
CVE-2023-49773 | CRITICAL | WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection | EPSS 0.7%
CVE-2024-54136 | CRITICAL | Untrusted Deserialization in ClipBucket-v5 Version 5.5.1 Revision 199 and Below | EPSS 0.7%
CVE-2025-45146 | CRITICAL | ModelCache for LLM through v0.2.0 was discovered to contain a deserialization vulnerability via the component /manager/data_manager.py. Thi | EPSS 0.7%
CVE-2024-30224 | CRITICAL | WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated PHP Object Injection vulnerability | EPSS 0.7%
CVE-2025-25940 | CRITICAL | VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java. | EPSS 0.7%
CVE-2022-3291 | MEDIUM | Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4. | EPSS 0.7%
CVE-2024-5726 | HIGH | Timeline Event History <= 3.1 - Authenticated (Contributor+) PHP Object Injection | EPSS 0.7%
CVE-2024-53673 | HIGH | A Java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code. | EPSS 0.7%
CVE-2024-3431 | MEDIUM | EyouCMS Backend deserialization | EPSS 0.7%
CVE-2025-42963 | CRITICAL | Insecure Deserialization in SAP NetWeaver Application Server for Java (Log Viewer) | EPSS 0.7%
CVE-2026-35171 | CRITICAL | Arbitrary Code Execution via Malicious Logging Configuration in Kedro | EPSS 0.7%
CVE-2024-0959 | MEDIUM | StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserialization | EPSS 0.7%