Fallos del tipo CWE-502

2276 resultados
CVE-2025-13714HIGHTencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-13712HIGHTencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-11346MEDIUMILIAS Base64 Decoding unserialize deserializationEPSS 0.4%CVE-2025-13709HIGHTencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-13707HIGHTencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-30985CRITICALWordPress GNUCommerce plugin <= 1.5.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-13711HIGHTencent TFace eval Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-13716HIGHTencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-41586CRITICALObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCEEPSS 0.4%CVE-2024-56283HIGHWordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-56291HIGHWordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-8751MEDIUMh2oai h2o-3 JAR Model.java importBinaryModel deserializationEPSS 0.4%CVE-2025-5552MEDIUMChestnutCMS API Endpoint exec deserializationEPSS 0.4%CVE-2026-31239CRITICALThe mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization (CWE-502) when loading pre-trained models from HuggiEPSS 0.4%CVE-2025-62035HIGHWordPress Togo theme < 1.0.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-49073CRITICALWordPress Sweet Dessert < 1.1.13 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2024-34072HIGHDeserialization of Untrusted Data in sagemaker-python-sdkEPSS 0.4%CVE-2025-48289CRITICALWordPress Kids Planet theme <= 2.2.14 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-39588CRITICALWordPress Ultimate Store Kit Elementor Addons plugin <= 2.4.0 - Deserialization of untrusted data VulnerabilityEPSS 0.4%CVE-2025-39410CRITICALWordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerabilityEPSS 0.4%