Flaws of type CWE-502

2206 results
CVE-2022-23450 (EPSS 34.9%): A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions
CVE-2025-71260 (HIGH, EPSS 34.4%): BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 VIEWSTATE Deserialization RCE
CVE-2023-1650 (CRITICAL, EPSS 34.4%): ChatBot < 4.4.7 - Unauthenticated PHP Object Injection
CVE-2024-32030 (HIGH, EPSS 34.1%): Remote code execution via JNDI resolution in JMX metrics collection in Kafka UI
CVE-2024-1651 (CRITICAL, EPSS 34.0%): Torrentpier 2.4.1 - RCE
CVE-2021-27852 (CRITICAL, EPSS 31.9%, KEV): Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute a
CVE-2023-3001 (HIGH, EPSS 31.9%): A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious p
CVE-2026-20963 (CRITICAL, EPSS 31.1%, KEV): Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-21318 (HIGH, EPSS 30.8%): Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-41874 (CRITICAL, EPSS 30.3%): ColdFusion | Deserialization of Untrusted Data (CWE-502)
CVE-2017-7504 (EPSS 29.3%): HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Appli
CVE-2023-37941 (MEDIUM, EPSS 29.2%): Apache Superset: Metadata db write access can lead to remote code execution
CVE-2024-8353 (CRITICAL, EPSS 29.1%): GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection
CVE-2018-15957 (CRITICAL, EPSS 28.2%): Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untru
CVE-2026-20131 (CRITICAL, EPSS 27.6%, KEV): Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
CVE-2026-45247 (CRITICAL, EPSS 27.5%, KEV): Mirasvit Cache Warmer for Magento < 1.11.12 PHP Object Injection
CVE-2025-0994 (HIGH, EPSS 27.4%, KEV): Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization v
CVE-2023-35180 (HIGH, EPSS 27.4%): SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability
CVE-2023-4528 (HIGH, EPSS 27.1%): JSCAPE MFT Server Unsafe Deserialization on Management Port
CVE-2025-53690 (CRITICAL, EPSS 26.3%, KEV): Sitecore Products ViewState Deserialization Vulnerability