CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-09-12 |
| CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-09-12 |
| CVE-2022-1415 | Drools: unsafe data deserialization in streamutils — RHPAM 7.13.1 async | 8.1 | High | 2023-09-11 |
| CVE-2023-4528 | JSCAPE MFT Server Unsafe Deserialization on Management Port — JSCAPE MFT Server | 9.8 | - | 2023-09-07 |
| CVE-2023-41330 | Unsafe deserialization in knplabs/knp-snappy — snappy | 9.8 | Critical | 2023-09-06 |
| CVE-2023-37941 | Apache Superset: Metadata db write access can lead to remote code execution — Apache Superset | 6.6 | Medium | 2023-09-06 |
| CVE-2023-30534 | Insecure Deserialization in Cacti — cacti | 4.3 | Medium | 2023-09-05 |
| CVE-2023-28072 | Dell Alienware Command Center Code Issue Vulnerability — Alienware Command Center (AWCC) | 7.8 | High | 2023-09-04 |
| CVE-2023-40595 | Remote Code Execution via Serialized Session Payload — Splunk Enterprise | 8.8 | High | 2023-08-30 |
| CVE-2023-40195 | Apache Airflow Spark Provider Deserialization Vulnerability RCE — Apache Airflow Spark Provider | 8.0 | - | 2023-08-28 |
| CVE-2023-40571 | weblogic-framework Deserialization of Untrusted Data vulnerability — weblogic-framework | 9.8 | Critical | 2023-08-25 |
| CVE-2023-34040 | Java Deserialization vulnerability in Spring-Kafka When Improperly Configured — Spring For Apache Kafka | 5.3 | Medium | 2023-08-24 |
| CVE-2023-3259 | Dataprobe Code Issue Vulnerability — iBoot PDU | 9.8 | Critical | 2023-08-14 |
| CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 12 | 8.8 | High | 2023-08-08 |
| CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 13 | 8.0 | High | 2023-08-08 |
| CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 13 | 8.0 | High | 2023-08-08 |
| CVE-2023-38689 | Deserialization of Untrusted Data in network IO — LogisticsPipes | 8.1 | High | 2023-08-04 |
| CVE-2023-36480 | Aerospike Java Client vulnerable to unsafe deserialization of server responses — aerospike-client-java | 9.8 | Critical | 2023-08-04 |
| CVE-2022-40609 | IBM SDK, Java Technology Edition code execution — SDK, Java Technology Edition | 8.1 | High | 2023-08-02 |
| CVE-2023-24971 | IBM B2B Advanced Communication denial of service — B2B Advanced Communications | 7.5 | High | 2023-07-31 |
| CVE-2023-38647 | Apache Helix: Deserialization vulnerability in Helix workflow and REST — Apache Helix | 9.8 | - | 2023-07-26 |
| CVE-2023-37895 | Apache Jackrabbit RMI access can lead to RCE — Apache Jackrabbit Webapp (jackrabbit-webapp) | 9.8 | - | 2023-07-25 |
| CVE-2023-34434 | Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param — Apache InLong | 7.5 | - | 2023-07-25 |
| CVE-2023-3324 | Insecure deserialization in zenon internal DLLs — ABB Ability™ zenon | 6.3 | Medium | 2023-07-24 |
| CVE-2023-38203 | Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE — ColdFusion | 9.8 | Critical | 2023-07-20 |
| CVE-2023-28754 | ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent — ShardingSphere-Agent | 7.8 | - | 2023-07-19 |
| CVE-2023-26512 | Apache EventMesh RabbitMQ-Connector plugin allows RCE through deserialization of untrusted data — Apache EventMesh (incubating) RabbitMQ connector | 9.8 | - | 2023-07-17 |
| CVE-2023-25770 | Controller stack overflow on decoding messages from the server — C300 | 9.8 | Critical | 2023-07-13 |
| CVE-2023-3343 | User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection — User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 8.8 | High | 2023-07-13 |
| CVE-2023-29300 | Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution — ColdFusion | 9.8 | Critical | 2023-07-12 |

1677 CVEs are classified as CWE-502 (Deserialization of Untrusted Data). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.