Fallos del tipo CWE-502

2257 resultados
CVE-2023-32513HIGHWordPress GiveWP Plugin <= 2.25.3 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2025-59328MEDIUMApache Fory: Denial of Service (DoS) due to Deserialization of Untrusted malicious large DataEPSS 0.6%CVE-2024-4733HIGHShiftController Employee Shift Scheduling <= 4.9.57 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.6%CVE-2026-54806CRITICALWordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2024-45772MEDIUMApache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization IssueEPSS 0.6%CVE-2026-7304CRITICALCVE-2026-7304EPSS 0.6%CVE-2025-71363HIGHpicklescan - Arbitrary Code Execution via Undetected cProfile.run in Pickle DeserializationEPSS 0.6%CVE-2025-47292CRITICALCap Collectif vulnerable to insecure deserialization leading to remote code executionEPSS 0.6%CVE-2024-13833HIGHAlbum Gallery – WordPress Gallery <= 1.6.3 - Authenticated (Editor+) PHP Object Injection via Gallery MetaEPSS 0.6%CVE-2025-27511HIGHGeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store ConnectionEPSS 0.6%CVE-2024-22284HIGHWordPress Asgaros Forum Plugin <= 2.7.2 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2026-39890CRITICALPraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition LoadingEPSS 0.6%CVE-2024-13136MEDIUMwangl1989 mysiteforme ShiroConfig.java rememberMeManager deserializationEPSS 0.6%CVE-2022-2446HIGHWP Editor <= 1.2.9 - Authenticated (Admin+) PHAR DeserializationEPSS 0.6%CVE-2025-33244CRITICALNVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerabEPSS 0.6%CVE-2025-31074HIGHWordPress MDJM Event Management plugin <= 1.7.5.2 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2022-2886MEDIUMLaravel deserializationEPSS 0.6%CVE-2022-45083MEDIUMWordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2025-27528CRITICALApache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File ReadEPSS 0.6%CVE-2024-33553CRITICALWordPress XStore Core plugin <= 5.3.5 - Unauthenticated PHP Object Injection vulnerabilityEPSS 0.6%