Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1675

1675 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-39139 XStream is vulnerable to an Arbitrary Code Execution attack — xstream 8.5 High2021-08-23
CVE-2021-21868 3s-smart Software Solutions CODESYS Development System 代码问题漏洞 — CODESYS 7.8 -2021-08-18
CVE-2021-21867 3s-smart Software Solutions CODESYS Development System 代码问题漏洞 — CODESYS 7.8 -2021-08-18
CVE-2021-37678 Arbitrary code execution due to YAML deserialization — tensorflow 9.3 Critical2021-08-12
CVE-2021-37632 Deserialization of Untrusted Data in com.supermartijn642.configlib.ConfigSyncPacket — SuperMartijn642sConfigLib 8.1 High2021-08-05
CVE-2021-21863 3s-smart Software Solutions CODESYS Development System 代码问题漏洞 — CODESYS 7.8 -2021-08-05
CVE-2021-21866 3s-smart Software Solutions CODESYS Development System代码问题漏洞 — CODESYS 7.8 -2021-08-02
CVE-2021-21865 3s-smart Software Solutions CODESYS Development System 代码问题漏洞 — CODESYS 7.8 -2021-08-02
CVE-2021-21864 3s-smart Software Solutions CODESYS Development System 代码问题漏洞 — CODESYS 7.8 -2021-08-02
CVE-2021-37578 Remote code execution via RMI — Apache jUDDI 9.8 -2021-07-29
CVE-2020-5341 Dell EMC Avamar Server 代码问题漏洞 — Avamar Virtual Edition 9.8 Critical2021-07-28
CVE-2021-22777 SoSafe Configurable 代码问题漏洞 — SoSafe Configurable prior to V1.8.1 7.8 -2021-07-21
CVE-2021-32742 Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash — vapor 7.5 High2021-07-09
CVE-2021-24384 JoomSport < 5.1.8 - Unauthenticated PHP Object Injection — JoomSport – for Sports: Team & League, Football, Hockey & more 9.8 -2021-07-06
CVE-2021-29485 Remote Code Execution Vulnerability in Session Storage — ratpack 9.9 Critical2021-06-29
CVE-2020-9493 Java deserialization in Chainsaw — Apache Chainsaw 9.8 -2021-06-16
CVE-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution — Bridgecrew Checkov 6.7 Medium2021-06-10
CVE-2021-33176 VerneMQ MQTT Broker 安全漏洞 — vernemq 7.5 -2021-06-08
CVE-2021-33175 EMQ X Broker 安全漏洞 — EMQ X Broker 7.5 -2021-06-08
CVE-2021-23895 Authorized deserialization of untrusted data in McAfee DBSec — McAfee Database Security (DBSec) 9.0 Critical2021-06-02
CVE-2021-23894 Unauthorized deserialization of untrusted data in McAfee DBSec — McAfee Database Security (DBSec) 9.6 Critical2021-06-02
CVE-2021-24307 All in One SEO Pack < 4.1.0.2 - Admin RCE via unserialize — All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings 8.8 -2021-05-24
CVE-2021-32634 Deserialization of Untrusted Data in Emissary — emissary 7.2 High2021-05-21
CVE-2021-31474 SolarWinds Network Performance Monitor 代码问题漏洞 — Network Performance Monitor 9.8 -2021-05-21
CVE-2021-24280 Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection — Redirection for Contact Form 7 8.8 -2021-05-14
CVE-2021-29508 Insecure deserialization in Wire — Wire 9.1 Critical2021-05-11
CVE-2021-29476 Insecure Deserialization of untrusted data in rmccue/requests — Requests 9.8 Critical2021-04-27
CVE-2020-7385 Metasploit Framework 'drb_remote_codeexec' code execution — Metasploit Framework 8.1 High2021-04-23
CVE-2021-27277 Solarwinds Orion Virtual Infrastructure Monitor 代码问题漏洞 — Orion Virtual Infrastructure Monitor 7.8 -2021-04-22
CVE-2021-21426 Fixes a bug in Zend Framework's Stream HTTP Wrapper — magento-lts 9.8 Critical2021-04-21

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1675 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.