Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1676

1676 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-34489 GFI MailEssentials < 21.8 Local Privilege Escalation — MailEssentials 7.8 High2025-04-28
CVE-2023-35815 DevExpress 安全漏洞 — DevExpress 3.5 Low2025-04-28
CVE-2023-35814 DevExpress 安全漏洞 — DevExpress 3.5 Low2025-04-28
CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR — Jupiter X Core 8.1 High2025-04-26
CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection — ScreenConnect 8.1 High2025-04-25
CVE-2025-46473 WordPress Social Counter plugin <= 2.0.5 - PHP Object Injection Vulnerability — Social Counter 7.2 High2025-04-24
CVE-2025-46481 WordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection Vulnerability — Flickr Shortcode Importer 7.2 High2025-04-24
CVE-2025-23249 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 7.6 High2025-04-22
CVE-2025-32434 PyTorch: `torch.load` with `weights_only=True` leads to remote code execution — pytorch 8.8 -2025-04-18
CVE-2025-29953 Apache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass — Apache ActiveMQ NMS OpenWire Client 9.8 -2025-04-18
CVE-2025-27287 WordPress SS Quiz Plugin <= 2.0.5 - PHP Object Injection vulnerability — SS Quiz 9.8 Critical2025-04-17
CVE-2025-27286 WordPress Saoshyant Slider Plugin <= 3.0 - PHP Object Injection vulnerability — Saoshyant Slider 9.8 Critical2025-04-17
CVE-2025-32571 WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability — TuriTop Booking System 8.8 High2025-04-17
CVE-2025-32572 WordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerability — Kata Plus 9.8 Critical2025-04-17
CVE-2025-32647 WordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerability — Question Answer 8.8 High2025-04-17
CVE-2025-32658 WordPress HelpGent plugin <= 2.2.5 - PHP Object Injection vulnerability — HelpGent 9.8 Critical2025-04-17
CVE-2025-32662 WordPress uListing plugin <= 2.2.0 - Deserialization of untrusted data vulnerability — uListing 8.8 High2025-04-17
CVE-2025-32686 WordPress Team Members plugin <= 3.4.4 - PHP Object Injection Vulnerability — Team Members 8.8 High2025-04-17
CVE-2025-39527 WordPress Rating by BestWebSoft plugin <= 1.7 - PHP Object Injection Vulnerability — Rating by BestWebSoft 8.8 High2025-04-17
CVE-2025-39550 WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability — FluentCommunity 9.8 Critical2025-04-17
CVE-2025-39551 WordPress FluentBoards plugin <= 1.47 - PHP Object Injection Vulnerability — FluentBoards 9.8 Critical2025-04-17
CVE-2025-39588 WordPress Ultimate Store Kit Elementor Addons plugin <= 2.4.0 - Deserialization of untrusted data Vulnerability — Ultimate Store Kit Elementor Addons 9.8 Critical2025-04-17
CVE-2025-39565 WordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection Vulnerability — MelaPress Login Security 6.6 Medium2025-04-16
CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization — fastchat 5.3 Medium2025-04-16
CVE-2025-30985 WordPress GNUCommerce plugin <= 1.5.4 - PHP Object Injection vulnerability — GNUCommerce 9.8 Critical2025-04-15
CVE-2025-3622 Xorbits Inference model.py load deserialization — Inference 5.5 Medium2025-04-15
CVE-2025-3590 Adianti Framework deserialization — Framework 6.3 Medium2025-04-14
CVE-2025-31935 Subnet Solutions PowerSYSTEM Center Deserialization of Untrusted Data — PowerSYSTEM Center 2020 6.2 Medium2025-04-11
CVE-2025-3439 Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress <= 3.1.1 - Unauthenticated PHP Object Injection — Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder 9.8 Critical2025-04-11
CVE-2025-31932 OPEN BizRobo! 代码问题漏洞 — BizRobo! 8.8AIHighAI2025-04-11

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.