Falhas do tipo CWE-502

2.283 resultados
CVE-2026-24152HIGHNVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciouEPSS 0.2%CVE-2026-24150HIGHNVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciouEPSS 0.2%CVE-2025-33248HIGHNVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load EPSS 0.2%CVE-2025-31175HIGHDeserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integEPSS 0.2%CVE-2026-39577HIGHWordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerabilityEPSS 0.2%CVE-2026-4416HIGHGIGABYTE|Performance Library - Insecure DeserializationEPSS 0.2%CVE-2025-53415HIGHFile Parsing Deserialization of Untrusted Data in DTM SoftEPSS 0.2%CVE-2026-45134HIGHLangSmith Client SDK: Public prompt pull deserializes untrusted manifests without trust boundary warningEPSS 0.2%CVE-2026-40993HIGHUnfiltered Java Native Deserialization of SAML 2.0 Asserting Party Credentials BLOB Database EntryEPSS 0.2%CVE-2025-33252HIGHNVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerabiliEPSS 0.2%CVE-2025-54886HIGHskops: Card.get_model does not block arbitrary code executionEPSS 0.2%CVE-2025-7976HIGHAnritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.2%CVE-2026-53914MEDIUMIn JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadataEPSS 0.2%CVE-2024-0140MEDIUMNVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exEPSS 0.2%CVE-2026-1542MEDIUMSuper Stage WP <= 1.0.1 - Unauthenticated PHP Object InjectionEPSS 0.2%CVE-2025-3165MEDIUMthu-pacman chitu backend.py torch.load deserializationEPSS 0.2%CVE-2023-20944HIGHIn run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to lEPSS 0.2%CVE-2025-5173MEDIUMHumanSignal label-studio-ml-backend PT File neural_nets.py load deserializationEPSS 0.2%CVE-2024-3467HIGHDeserialization of Untrusted Data in AVEVA PI Asset Framework ClientEPSS 0.2%CVE-2025-33253HIGHNVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciouslEPSS 0.2%