CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-7560 | News Flash <= 1.1.0 - Authenticated (Editor+) PHP Object Injection — News Flash | 7.2 | High | 2024-08-08 |
| CVE-2024-7486 | MultiPurpose <= 1.2.0 - Authenticated (Contributor+) PHP Object Injection — MultiPurpose | 8.8 | High | 2024-08-08 |
| CVE-2024-7561 | The Next <= 1.1.0 - Authenticated (Contributor+) PHP Object Injection — The Next | 8.8 | High | 2024-08-08 |
| CVE-2024-39636 | WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability — Better Find and Replace | 8.3 | High | 2024-08-01 |
| CVE-2024-39630 | WordPress Timetable and Event Schedule by MotoPress plugin <= 2.4.13 - PHP Object Injection vulnerability — Timetable and Event Schedule | 5.5 | Medium | 2024-08-01 |
| CVE-2024-6152 | Flipbox Builder <= 1.5 - Authenticated (Contributor+) PHP Object Injection — Flipbox Builder | 8.8 | High | 2024-07-27 |
| CVE-2024-39673 | Huawei EMUI and Huawei HarmonyOS security vulnerability — HarmonyOS | 6.8 | Medium | 2024-07-25 |
| CVE-2024-7067 | kirilkirkov Ecommerce-Laravel-Bootstrap Cart.php getCartProductsIds deserialization — Ecommerce-Laravel-Bootstrap | 6.3 | Medium | 2024-07-24 |
| CVE-2024-6327 | Progress Telerik Report Server Deserialization — Telerik Report Server | 9.9 | Critical | 2024-07-24 |
| CVE-2024-6794 | Deserialization of Untrusted Data in NI VeriStand Waveform Streaming Server — VeriStand | 9.8 | Critical | 2024-07-22 |
| CVE-2024-6793 | Deserialization of Untrusted Data in NI VeriStand DataLogging Server — VeriStand | 9.8 | Critical | 2024-07-22 |
| CVE-2024-6675 | Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File — VeriStand | 7.8 | High | 2024-07-22 |
| CVE-2024-38759 | WordPress Search & Replace plugin <= 3.2.2 - Deserialization of untrusted data vulnerability — Search & Replace | 5.4 | Medium | 2024-07-22 |
| CVE-2024-6960 | H2O deserializes ML models without filtering, potentially allowing execution of malicious code | 7.5 | High | 2024-07-21 |
| CVE-2024-6944 | ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization — CRMEB | 6.3 | Medium | 2024-07-21 |
| CVE-2024-6943 | ZhongBangKeJi CRMEB CopyTaobaoServices.php downloadImage deserialization — CRMEB | 6.3 | Medium | 2024-07-21 |
| CVE-2024-5726 | Timeline Event History <= 3.1 - Authenticated (Contributor+) PHP Object Injection — Timeline Event History | 8.8 | High | 2024-07-18 |
| CVE-2024-28074 | SolarWinds Access Rights Manager (ARM) Internal Deserialization Remote Code Execution Vulnerability — Access Rights Manager | 9.6 | Critical | 2024-07-17 |
| CVE-2024-40624 | Deserialization of untrusted data in torrentpier/torrentpier — torrentpier | 9.8 | Critical | 2024-07-15 |
| CVE-2023-49566 | Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability — Apache Linkis DataSource | 8.1 | - | 2024-07-15 |
| CVE-2023-46801 | Apache Linkis DataSource: DataSource Remote code execution vulnerability — Apache Linkis DataSource | 8.1 | - | 2024-07-15 |
| CVE-2024-6645 | WuKongOpenSource Wukong_nocode AviatorScript ExpressionUtil.java deserialization — Wukong_nocode | 6.3 | Medium | 2024-07-10 |
| CVE-2024-6644 | zmops ArgusDBM AviatorScript CalculateAlarm.java getDefaultClassLoader deserialization — ArgusDBM | 6.3 | Medium | 2024-07-10 |
| CVE-2024-38094 | Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2024-07-09 |
| CVE-2024-38023 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2024-07-09 |
| CVE-2024-38024 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2024-07-09 |
| CVE-2023-32737 | Siemens SIMATIC STEP code issue vulnerability — SIMATIC STEP 7 Safety V18 | 6.3 | Medium | 2024-07-09 |
| CVE-2023-32735 | Siemens SIMATIC WinCC and SIMATIC STEP code issue vulnerability — SIMATIC STEP 7 Safety V16 | 6.5 | Medium | 2024-07-09 |
| CVE-2022-45147 | Siemens SIMATIC PCS and SIMATIC STEP code issue vulnerability — SIMATIC PCS neo V4.0 | 7.8 | High | 2024-07-09 |
| CVE-2024-37502 | WordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerability — WooCommerce Social Login | 5.4 | Medium | 2024-07-09 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.