Fallos del tipo CWE-502

2257 resultados
CVE-2026-22609HIGHFickling has Static Analysis Bypass via Incomplete Dangerous Module BlocklistEPSS 0.6%CVE-2026-2113MEDIUMyuan1994 tpadmin WebUploader preview.php deserializationEPSS 0.6%CVE-2026-8024CRITICALDeserialization vulnerability in ibaPDA and ibaDatCoordinatorEPSS 0.6%CVE-2024-31094HIGHWordPress Filter Custom Fields & Taxonomies Light plugin <= 1.05 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2024-30230HIGHWordPress PDF Invoices and Packing Slips For WooCommerce plugin <= 1.3.7 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2026-27685CRITICALInsecure Deserialization in SAP NetWeaver Enterprise Portal AdministrationEPSS 0.6%CVE-2025-30761MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versionsEPSS 0.6%CVE-2026-42359HIGHApache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validatorEPSS 0.5%CVE-2025-66571CRITICALUNA CMS 9.0.0-RC1 - 14.0.0-RC4 PHP Object InjectionEPSS 0.5%CVE-2025-0855CRITICALPGS Core <= 5.8.0 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2025-67617CRITICALWordPress Consult Aid theme <= 1.4.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2023-51700MEDIUMWP-Mobile-BankID-Integration WordPress Database Deserialization: Potential for Object InjectionEPSS 0.5%CVE-2026-7858CRITICALDeserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026xEPSS 0.5%CVE-2026-33337HIGHFirebird has a buffer overflow when parsing corrupted slice packetsEPSS 0.5%CVE-2024-47636CRITICALWordPress WP JobSearch plugin <= 2.5.9 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-33213HIGHNVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issueEPSS 0.5%CVE-2025-60214CRITICALWordPress Goldenblatt theme < 1.3.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-33214HIGHNVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successfuEPSS 0.5%CVE-2025-60225CRITICALWordPress BugsPatrol theme <= 1.5.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-52439CRITICALWordPress Team Rosters plugin <= 4.8.2 - PHP Object Injection vulnerabilityEPSS 0.5%