Falhas do tipo CWE-502
2.247 resultadosCVE-2022-20763MEDIUMCisco Webex Meetings Java Deserialization VulnerabilityEPSS 0.9%CVE-2026-56121CRITICALFeast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC DeserializationEPSS 0.9%CVE-2026-23746CRITICALEntrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCEEPSS 0.9%CVE-2024-48112CRITICALA deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary coEPSS 0.9%CVE-2022-3525CRITICALDeserialization of Untrusted Data in librenms/librenmsEPSS 0.9%CVE-2024-0603HIGHZhiCms giftcontroller.php deserializationEPSS 0.9%CVE-2023-29006HIGHOrder GLPI plugin vulnerable to remote code execution from authenticated userEPSS 0.9%CVE-2025-64439HIGHLangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializerEPSS 0.9%CVE-2023-6656MEDIUMDeepFaceLab DFLJPG.py deserializationEPSS 0.9%CVE-2024-5335CRITICALUltimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 1.6.4 - Unauthenticated PHP Object InjectionEPSS 0.9%CVE-2024-4413CRITICALHotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object InjectionEPSS 0.9%CVE-2024-1731HIGHAuto Refresh Single Page <= 1.1 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.9%CVE-2024-1895HIGHEvent Monster <= 1.3.9 - Authenticated(Contributor+) PHP Object Injection via Custom MetaEPSS 0.9%CVE-2026-8365HIGHBlocksy <= 2.1.41 - Authenticated (Contributor+) PHP Object Injection via Deserialization of Untrusted Data via 'blocksy_meta' REST API FieldEPSS 0.8%CVE-2023-38264MEDIUMIBM SDK, Java Technology Edition denial of serviceEPSS 0.8%CVE-2024-53477CRITICALJFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization in the file ApiForm.javaEPSS 0.8%CVE-2024-9070CRITICALDeserialization Vulnerability in BentoML's Runner Server in bentoml/bentomlEPSS 0.8%CVE-2025-27781HIGHApplio allows unsafe deserialization in inference.pyEPSS 0.8%CVE-2025-27780HIGHApplio allows unsafe deserialization in model_information.pyEPSS 0.8%CVE-2024-36528HIGHnukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before have a Deserialization vulnerability which results in code execution via /adEPSS 0.8%