
CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1676

1676 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60214 | WordPress Goldenblatt theme < 1.3.0 - PHP Object Injection vulnerability — Goldenblatt | 9.8 | Critical | 2025-10-22 |
| CVE-2025-60212 | WordPress VEDA Theme <= 4.2 - PHP Object Injection Vulnerability — VEDA | 8.8 | High | 2025-10-22 |
| CVE-2025-60213 | WordPress Scape theme <= 1.5.13 - PHP Object Injection vulnerability — Scape | 9.8 | Critical | 2025-10-22 |
| CVE-2025-60215 | WordPress Kriya theme <= 3.4 - PHP Object Injection Vulnerability — Kriya | 8.8 | High | 2025-10-22 |
| CVE-2025-60210 | WordPress Everest Forms - Frontend Listing plugin <= 1.0.5 - PHP Object Injection Vulnerability — Everest Forms - Frontend Listing | 9.8 | Critical | 2025-10-22 |
| CVE-2025-60209 | WordPress Connector for Gravity Forms and Google Sheets plugin <= 1.2.6 - PHP Object Injection vulnerability — Connector for Gravity Forms and Google Sheets | 9.8 | Critical | 2025-10-22 |
| CVE-2025-60039 | WordPress Noisa theme <= 2.6.0 - PHP Object Injection vulnerability — Noisa | 9.8 | Critical | 2025-10-22 |
| CVE-2025-59007 | WordPress TF Woo Product Grid Addon For Elementor Plugin <= 1.0.1 - Deserialization of untrusted data Vulnerability — TF Woo Product Grid Addon For Elementor | 9.8 | Critical | 2025-10-22 |
| CVE-2025-52737 | WordPress WP Store Locator plugin <= 2.2.260 - PHP Object Injection vulnerability — WP Store Locator | 8.8 | High | 2025-10-22 |
| CVE-2025-52740 | WordPress Boldermail Plugin <= 2.4.0 - PHP Object Injection Vulnerability — Boldermail | 8.8 | High | 2025-10-22 |
| CVE-2025-49380 | WordPress WooCommerce Vehicle Parts Finder plugin <= 3.7 - PHP Object Injection vulnerability — WooCommerce Vehicle Parts Finder | 9.8 | Critical | 2025-10-22 |
| CVE-2025-31634 | WordPress Insurance theme <= 3.5 - PHP Object Injection Vulnerability — Insurance | 8.8 | High | 2025-10-22 |
| CVE-2025-32283 | WordPress Solar Energy theme <= 3.5 - PHP Object Injection Vulnerability — Solar Energy | 8.8 | High | 2025-10-22 |
| CVE-2025-11938 | ChurchCRM setup.php deserialization — ChurchCRM | 5.6 | Medium | 2025-10-19 |
| CVE-2017-20207 | Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection — Flickr Gallery | 9.8 | Critical | 2025-10-18 |
| CVE-2017-20208 | RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | 9.8 | Critical | 2025-10-18 |
| CVE-2017-20206 | Appointments <= 2.2.1 - Unauthenticated PHP Object Injection — Appointments | 9.8 | Critical | 2025-10-18 |
| CVE-2025-62515 | Remote Code Execution by Pickle Deserialization via FlightServer in pyquokka — quokka | 9.8 | Critical | 2025-10-17 |
| CVE-2025-62419 | DataEase vulnerable to JDBC URL injection in DB2 and MongoDB data source configuration — dataease | 9.8 (AI) | Critical (AI) | 2025-10-17 |
| CVE-2025-62420 | DataEase vulnerable to remote code execution via H2 JDBC driver bypass — dataease | 8.1 (AI) | High (AI) | 2025-10-17 |
| CVE-2025-49655 | Keras security vulnerability — Keras | 9.8 | Critical | 2025-10-17 |
| CVE-2025-54539 | Apache ActiveMQ NMS AMQP Client: Deserialization of Untrusted Data — Apache ActiveMQ NMS AMQP Client | 9.8 (AI) | Critical (AI) | 2025-10-16 |
| CVE-2025-59287 | Windows Server Update Service (WSUS) Remote Code Execution Vulnerability — Windows Server 2012 | 9.8 | Critical | 2025-10-14 |
| CVE-2025-59285 | Azure Monitor Agent Elevation of Privilege Vulnerability — Azure Monitor | 7.0 | High | 2025-10-14 |
| CVE-2025-59237 | Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 8.8 | High | 2025-10-14 |
| CVE-2025-11622 | Ivanti Endpoint Manager code issue vulnerability — Endpoint Manager | 7.8 | High | 2025-10-13 |
| CVE-2025-35051 | Newforma Project Center Server (NPCS) .NET unauthenticated deserialization — Project Center | 9.8 | Critical | 2025-10-09 |
| CVE-2025-35050 | Newforma Info Exchange (NIX) .NET unauthenticated deserialization — Project Center | 9.8 | Critical | 2025-10-09 |
| CVE-2025-11346 | ILIAS Base64 Decoding unserialize deserialization — ILIAS | 6.3 | Medium | 2025-10-06 |
| CVE-2025-11345 | ILIAS Test Import unserialize deserialization — ILIAS | 5.5 | Medium | 2025-10-06 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.