Vulnerabilities of type CWE-502
2206 results

CVE-2021-21343 | MEDIUM | XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights | EPSS 47.6%
CVE-2020-10914 | CRITICAL | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication | EPSS 47.0%
CVE-2022-33318 | CRITICAL | Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digi | EPSS 45.8%
CVE-2020-8165 | — | A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user | EPSS 45.7%
CVE-2025-49533 | CRITICAL | Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502) | EPSS 44.9%
CVE-2022-39379 | LOW | Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration) | EPSS 44.7%
CVE-2025-27520 | CRITICAL | BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization | EPSS 44.4%
CVE-2025-32375 | CRITICAL | Insecure Deserialization leads to RCE in BentoML's runner server | EPSS 43.8%
CVE-2024-55556 | CRITICAL | A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on th | EPSS 43.6%
CVE-2022-35870 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b202 | EPSS 43.1%
CVE-2024-3054 | HIGH | WPvivid Backup & Migration Plugin <= 0.9.99 - Authenticated (Admin+) PHAR Deserialization | EPSS 41.5%
CVE-2024-1800 | CRITICAL | Progress Telerik Report Server Deserialization | EPSS 40.4%
CVE-2023-36050 | HIGH | Microsoft Exchange Server Spoofing Vulnerability | EPSS 39.2%
CVE-2025-30065 | CRITICAL | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata | EPSS 38.8%
CVE-2023-49442 | CRITICAL | Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POS | EPSS 38.5%
CVE-2022-21647 | HIGH | Deserialization of Untrusted Data in Codeigniter4 | EPSS 37.7%
CVE-2024-28988 | CRITICAL | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability | EPSS 36.6%
CVE-2020-17144 | HIGH | Microsoft Exchange Remote Code Execution Vulnerability | EPSS 36.5% | KEV
CVE-2022-31199 | CRITICAL | Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Audito | EPSS 36.2% | KEV
CVE-2024-43464 | HIGH | Microsoft SharePoint Server Remote Code Execution Vulnerability | EPSS 35.9%