Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-6525 D-Link DAR-7000 decodmail.php deserialization — DAR-7000 2.7 Low2024-07-05
CVE-2024-6441 ORIPA LoaderXML.java deserialization — ORIPA 6.3 Medium2024-07-02
CVE-2024-36984 Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows — Splunk Enterprise 8.8 High2024-07-01
CVE-2024-29040 Fapi Verify Quote: Does not detect if quote was not generated by TPM — tpm2-tss 4.3 Medium2024-06-28
CVE-2024-5016 WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability — WhatsUp Gold 7.2 High2024-06-25
CVE-2024-35780 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ PHP Object Injection vulnerability — Page Builder: Live Composer 8.5 High2024-06-19
CVE-2024-5649 Universal Slider <= 1.6.5 - Authenticated (Contributor+) PHP Object Injection — Universal Slider 5.4 Medium2024-06-19
CVE-2024-5724 Photo Video Gallery Master <= 1.5.3 - Authenticated (Contributor+) PHP Object Injection — Photo Video Gallery Master 8.8 High2024-06-19
CVE-2024-5871 WooCommerce - Social Login <= 2.6.2 - Unauthenticated PHP Object Injection — WooCommerce - Social Login 9.8 Critical2024-06-15
CVE-2024-5671 Trellix IPS Manager 代码问题漏洞 — Intrusion Prevention System (IPS) Manager 9.8 Critical2024-06-14
CVE-2024-4371 CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Unauthenticated PHP Object Injection — CoDesigner – All in One Elementor WooCommerce Builder 9.0 Critical2024-06-13
CVE-2024-3468 Deserialization of Untrusted Data in AVEVA PI Web API — PI Web API 8.8AIHighAI2024-06-12
CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client — PI Asset Framework Client 8.8AIHighAI2024-06-12
CVE-2024-28964 Dell Common Event Enabler 代码问题漏洞 — Common Event Enabler 7.8 High2024-06-12
CVE-2024-35249 Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability — Microsoft Dynamics 365 Business Central 2024 Release Wave 1 8.8 High2024-06-11
CVE-2024-5675 Unreliable data deserialization vulnerability in Mentor — Mentor – Employee Portal 10.0 Critical2024-06-06
CVE-2024-37065 Skops 安全漏洞 — Skops 7.8 High2024-06-04
CVE-2024-37064 ydata-profiling 安全漏洞 — ydata-profiling 7.8 High2024-06-04
CVE-2024-37062 ydata-profiling 安全漏洞 — ydata-profiling 7.8 High2024-06-04
CVE-2024-37060 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37059 Mlflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37058 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37057 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37056 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37055 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37054 MLflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37053 Mlflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-37052 Mlflow 安全漏洞 — MLflow 8.8 High2024-06-04
CVE-2024-3300 Pre-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 — DELMIA Apriso 9.0 Critical2024-05-30
CVE-2024-3301 Post-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 — DELMIA Apriso 8.5 High2024-05-30

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.