Falhas do tipo CWE-502
2.258 resultadosCVE-2024-43252CRITICALWordPress Crew HRM plugin <= 1.1.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-49331HIGHWordPress eCommerce Product Catalog plugin <= 3.4.3 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2026-9319CRITICALIBM WebSphere Application Server is affected by a remote code execution vulnerabilityEPSS 0.4%CVE-2026-22187MEDIUMBio-Formats <= 8.3.0 Memoizer Unsafe Deserialization via .bfmemo Cache FilesEPSS 0.4%CVE-2026-22607HIGHFickling Blocklist Bypass: cProfile.run()EPSS 0.4%CVE-2024-5649MEDIUMUniversal Slider <= 1.6.5 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.4%CVE-2025-8963MEDIUMjeecgboot JimuReport Data Large Screen Template testConnection deserializationEPSS 0.4%CVE-2025-13145HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.33.1 - Authenticated (Administrator+) PHP Object Injection via CSV ImportEPSS 0.4%CVE-2025-63951HIGHAn insecure deserialization vulnerability exists in the rss-mp3.php script of the MiczFlor RPi-Jukebox-RFID project through commit 4b2334f0aEPSS 0.4%CVE-2025-63950HIGHAn insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664bEPSS 0.4%CVE-2025-58662HIGHWordPress Awesome Support plugin <= 6.3.5 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-58815HIGHWordPress Aitasi Coming Soon Plugin <= 2.0.2 - Deserialization of untrusted data VulnerabilityEPSS 0.4%CVE-2025-47536HIGHWordPress Content Egg plugin <= 7.0.0 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-58839HIGHWordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-5679MEDIUMShenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserializationEPSS 0.4%CVE-2026-25923HIGHPhar Deserialization leading to Arbitrary File Deletion in my little forumEPSS 0.4%CVE-2025-66524HIGHApache NiFi: Deserialization of Untrusted Data in GetAsanaObject ProcessorEPSS 0.4%CVE-2025-0767MEDIUMWP Activity Log 5.3.2 - Insecure deserializationEPSS 0.4%CVE-2025-47771HIGHPowSyBl Core allows deserialization of untrusted SparseMatrix dataEPSS 0.4%CVE-2026-50589MEDIUMIn OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JEPSS 0.4%