Falhas do tipo CWE-502
2.215 resultadosCVE-2026-21511HIGHMicrosoft Outlook Spoofing VulnerabilityEPSS 3.6%CVE-2020-5327HIGHDell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the serveEPSS 3.6%CVE-2020-12009—A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnEPSS 3.6%CVE-2020-11112HIGHFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.coEPSS 3.6%CVE-2022-45047CRITICALApache MINA SSHD: Java unsafe deserialization vulnerabilityEPSS 3.6%CVE-2020-26867CRITICALARC Informatique PcVue Deserialization of Untrusted DataEPSS 3.6%CVE-2022-46366CRITICALApache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted inputEPSS 3.6%CVE-2020-10968HIGHFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.EPSS 3.5%CVE-2021-24217—Facebook for WordPress < 3.0.0 - PHP Object Injection with POP ChainEPSS 3.5%CVE-2022-29063—Java Deserialization via RMI Connection from the Solr plugin of Apache OFBizEPSS 3.5%CVE-2020-11111HIGHFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.acEPSS 3.5%CVE-2018-11779—In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the SEPSS 3.5%CVE-2020-10969HIGHFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEPSS 3.5%CVE-2016-9483—PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to unsafe deserialization of untrusted dataEPSS 3.5%CVE-2021-39150HIGHA Server-Side Forgery Request vulnerability in XStream via PriorityQueue unmarshalingEPSS 3.5%CVE-2021-40719CRITICALAdobe Connect Deserialization of Untrusted Data Remote Code ExecutionEPSS 3.4%CVE-2023-38177MEDIUMMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 3.4%CVE-2024-20953HIGHVulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6.EPSS 3.4%KEVCVE-2024-35249HIGHMicrosoft Dynamics 365 Business Central Remote Code Execution VulnerabilityEPSS 3.4%CVE-2018-15616CRITICALSystem Platform Web UI DeserializationEPSS 3.3%