Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1675

1675 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-48780 Soar Cloud HRD Human Resource Management System - Deserialization of Untrusted Data — HRD Human Resource Management System 9.8AICriticalAI2025-06-06
CVE-2025-5680 Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java executeScript deserialization — AgileBPM 6.3 Medium2025-06-05
CVE-2025-5679 Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserialization — AgileBPM 6.3 Medium2025-06-05
CVE-2025-20276 Cisco Unified Contact Center Express Remote Code Execution Vulnerability — Cisco Unified Contact Center Express 3.8 Low2025-06-04
CVE-2025-20275 Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability — Cisco Unified Contact Center Express 5.3 Medium2025-06-04
CVE-2025-5552 ChestnutCMS API Endpoint exec deserialization — ChestnutCMS 6.3 Medium2025-06-04
CVE-2025-48951 Auth0-PHP SDK Deserialization of Untrusted Data vulnerability — auth0-PHP 9.1AICriticalAI2025-06-03
CVE-2025-5499 slackero phpwcms image_resized.php getimagesize deserialization — phpwcms 7.3 High2025-06-03
CVE-2025-5498 slackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserialization — phpwcms 5.5 Medium2025-06-03
CVE-2025-5497 slackero phpwcms Feedimport processing.inc.php deserialization — phpwcms 6.3 Medium2025-06-03
CVE-2025-2939 Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code Execution — Ninja Tables – Easy Data Table Builder 5.6 Medium2025-06-03
CVE-2025-5086 Deserialization of Untrusted Data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 — DELMIA Apriso 9.0 Critical2025-06-02
CVE-2025-49113 Roundcube Webmail 安全漏洞 — Webmail 9.9 Critical2025-06-02
CVE-2025-5326 zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 verifyToken deserialization — ADP Application Developer Platform 应用开发者平台 6.3 Medium2025-05-29
CVE-2025-48336 WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability — Course Builder 9.8 Critical2025-05-29
CVE-2025-48389 FreeScout Vulnerable to Deserialization of Untrusted Data — freescout 8.8AIHighAI2025-05-29
CVE-2025-27528 Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read — Apache InLong 7.5AIHighAI2025-05-28
CVE-2025-27526 Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass — Apache InLong 9.8AICriticalAI2025-05-28
CVE-2025-27522 Apache InLong: JDBC Vulnerability during verification processing — Apache InLong 8.1AIHighAI2025-05-28
CVE-2025-5174 erdogant pypickle pypickle.py load deserialization — pypickle 5.3 Medium2025-05-26
CVE-2025-5173 HumanSignal label-studio-ml-backend PT File neural_nets.py load deserialization — label-studio-ml-backend 5.3 Medium2025-05-26
CVE-2025-5148 FunAudioLLM InspireMusic Pickle Data model.py load_state_dict deserialization — InspireMusic 5.3 Medium2025-05-25
CVE-2025-5114 easysoft zentaopms Editor index.php edit deserialization — zentaopms 6.3 Medium2025-05-23
CVE-2025-31049 WordPress Dash <= 1.3 - PHP Object Injection Vulnerability — Dash 9.8 Critical2025-05-23
CVE-2025-31069 WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - PHP Object Injection Vulnerability — HotStar – Multi-Purpose Business Theme 9.8 Critical2025-05-23
CVE-2025-31423 WordPress Umberto theme <= 1.2.8 - PHP Object Injection Vulnerability — Umberto 9.8 Critical2025-05-23
CVE-2025-31631 WordPress Fish House theme <= 1.2.7 - PHP Object Injection Vulnerability — Fish House 9.8 Critical2025-05-23
CVE-2025-31430 WordPress The Business <= 1.6.1 - PHP Object Injection Vulnerability — The Business 9.8 Critical2025-05-23
CVE-2025-31927 WordPress Acerola <= 1.6.5 - PHP Object Injection Vulnerability — Acerola 9.8 Critical2025-05-23
CVE-2025-31924 WordPress Crafts & Arts theme <= 2.5 - PHP Object Injection Vulnerability — Crafts & Arts 8.8 High2025-05-23

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1675 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.