Fallos del tipo CWE-502

2276 resultados
CVE-2026-9291HIGHInsecure Deserialization in Amazon Braket SDK Job Results ProcessingEPSS 0.4%CVE-2026-42473CRITICALUnsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the EPSS 0.4%CVE-2026-42472CRITICALUnsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from RediEPSS 0.4%CVE-2025-71372HIGHPicklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef GadgetEPSS 0.4%CVE-2026-24142MEDIUMNVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerEPSS 0.4%CVE-2025-71370HIGHpicklescan - Remote Code Execution via torch.jit.unsupported_tensor_ops.execWrapperEPSS 0.4%CVE-2025-11993HIGHWooCommerce Infinite Scroll and Ajax Pagination <= 1.8 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.4%CVE-2024-39636HIGHWordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-5536MEDIUMFedML-AI FedML gRPC server grpc_server.py sendMessage deserializationEPSS 0.4%CVE-2025-1741MEDIUMb1gMail Admin Page users.php deserializationEPSS 0.4%CVE-2026-28138HIGHWordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-10164MEDIUMlmsys sglang update_weights_from_tensor main deserializationEPSS 0.4%CVE-2025-36072HIGHIBM webMethods Integration DeserializationEPSS 0.4%CVE-2024-27985MEDIUMWordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-25429CRITICALWordPress Nexa Blocks plugin <= 1.1.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-25031CRITICALWordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39529CRITICALWordPress Elementra theme <= 1.0.9 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-68541CRITICALWordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49107CRITICALWordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-40725CRITICALWordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerabilityEPSS 0.4%