CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-26289 | Remote Code Inclusion Vulnerability in Multiple PMB Versions — PMB | 9.8 | Critical | 2024-05-27 |
| CVE-2024-5352 | anji-plus AJ-Report validationRules deserialization — AJ-Report | 6.3 | Medium | 2024-05-26 |
| CVE-2024-5351 | anji-plus AJ-Report Javascript getValueFromJs deserialization — AJ-Report | 6.3 | Medium | 2024-05-26 |
| CVE-2024-5085 | Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated PHP Object Injection — Hash Form – Drag & Drop Form Builder | 8.1 | High | 2024-05-23 |
| CVE-2024-4471 | 140+ Widgets \| Best Addons For Elementor – FREE <= 1.4.3.1 - Authenticated (Contributor+) PHP Object Injection — Xpro Addons — 140+ Widgets for Elementor | 8.0 | High | 2024-05-23 |
| CVE-2024-4157 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValues — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | 7.5 | High | 2024-05-22 |
| CVE-2024-31879 | IBM i denial of service — i | 7.5 | High | 2024-05-18 |
| CVE-2024-4733 | ShiftController Employee Shift Scheduling <= 4.9.57 - Authenticated (Contributor+) PHP Object Injection — ShiftController Employee Shift Scheduling | 7.5 | High | 2024-05-16 |
| CVE-2024-34751 | WordPress Order Export & Order Import for WooCommerce plugin <= 2.4.9 - PHP Object Injection vulnerability — Order Export & Order Import for WooCommerce | 4.4 | Medium | 2024-05-16 |
| CVE-2024-4838 | ConvertPlus <= 3.5.26 - Authenticated (Contributor+) PHP Object Injection — ConvertPlus | 7.5 | High | 2024-05-16 |
| CVE-2024-4200 | Progress Telerik Reporting Local Deserialization Vulnerability — Telerik Reporting | 7.7 | High | 2024-05-15 |
| CVE-2024-3483 | Remote Code Execution vulnerability in the iManager — iManager | 7.8 | High | 2024-05-15 |
| CVE-2024-3967 | Remote Code Execution vulnerability in the iManager — iManager | 7.6 | High | 2024-05-15 |
| CVE-2024-30042 | Microsoft Excel Remote Code Execution Vulnerability — Office Online Server | 7.8 | High | 2024-05-14 |
| CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2024-05-14 |
| CVE-2024-4413 | Hotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object Injection — MotoPress Hotel Booking | 9.8 | Critical | 2024-05-10 |
| CVE-2023-38264 | IBM SDK, Java Technology Edition denial of service — SDK, Java Technology Edition | 5.9 | Medium | 2024-05-10 |
| CVE-2024-4044 | Deserialization of Untrusted Data Vulnerability in FlexLogger and InstrumentStudio — FlexLogger | 7.8 | High | 2024-05-10 |
| CVE-2024-4699 | D-Link DAR-8000-10 importhtml.php deserialization — DAR-8000-10 | 6.3 | Medium | 2024-05-10 |
| CVE-2024-2290 | Advanced Ads – Ad Manager & AdSense <= 1.52.1 - Authenticated (Admin+) PHP Object Injection — Advanced Ads – Ad Manager & AdSense | 7.2 | High | 2024-05-09 |
| CVE-2024-3070 | Last Viewed Posts by WPBeginner <= 1.0.0 - Unauthenticated PHP Object Injection — Last Viewed Posts by WPBeginner | 9.8 | Critical | 2024-05-09 |
| CVE-2024-3954 | Ditty – Responsive News Tickers, Sliders, and Lists <= 3.1.38 - Authenticated (Contributor+) PHP Object Injection — Ditty – Responsive News Tickers, Sliders, and Lists | 8.8 | High | 2024-05-09 |
| CVE-2024-28075 | SolarWinds ARM Deserialization of Untrusted Data Remote Code Execution — Access Rights Manager | 9.0 | Critical | 2024-05-09 |
| CVE-2024-34433 | WordPress One Click Demo Import plugin <=3.2.0 - PHP Object Injection vulnerability — One Click Demo Import | 4.4 | Medium | 2024-05-09 |
| CVE-2024-4606 | WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 2.0.3 - PHP Object Injection vulnerability — Ultimate Store Kit Elementor Addons | 5.4 | Medium | 2024-05-09 |
| CVE-2024-29800 | WordPress Timber plugin <= 1.23.0 - Deserialization of untrusted data vulnerability — Timber | 8.0 | High | 2024-05-09 |
| CVE-2024-22460 | Dell DM5500 code issue vulnerability — Data Manager Appliance Software (DMAS) | 2.2 | Low | 2024-05-08 |
| CVE-2024-26579 | Apache Inlong JDBC Vulnerability — Apache InLong | 9.8 (AI) | Critical (AI) | 2024-05-08 |
| CVE-2024-3240 | ConvertPlug <= 3.5.25 - Authenticated (Contributor+) PHP Object Injection — ConvertPlus | 8.8 | High | 2024-05-04 |
| CVE-2024-34075 | kurwov vulnerable to Denial of Service due to improper data sanitization — kurwov | 6.2 | Medium | 2024-05-03 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.