CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class (1677)

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31932 | OPEN BizRobo! code issue vulnerability — BizRobo! | 8.8 (AI) | High (AI) | 2025-04-11 |
| CVE-2025-32607 | WordPress WpBookingly plugin <= 1.3.0 - PHP Object Injection vulnerability — WpBookingly | 9.8 | Critical | 2025-04-11 |
| CVE-2025-32568 | WordPress EmpikPlace for Woocommerce Plugin <= 1.4.3 - PHP Object Injection vulnerability — EmpikPlace for Woocommerce | 9.8 | Critical | 2025-04-11 |
| CVE-2025-32569 | WordPress TableOn plugin <= 1.0.4.3 - PHP Object Injection vulnerability — TableOn | 9.8 | Critical | 2025-04-11 |
| CVE-2025-32144 | WordPress Job Board Manager Plugin <= 2.1.61 - PHP Object Injection vulnerability — Job Board Manager | 8.8 | High | 2025-04-11 |
| CVE-2025-32143 | WordPress Accordion plugin <= 2.3.11 - PHP Object Injection vulnerability — Accordion | 8.8 | High | 2025-04-11 |
| CVE-2025-32145 | WordPress WpEvently plugin <= 4.3.6 - PHP Object Injection vulnerability — WpEvently | 8.8 | High | 2025-04-10 |
| CVE-2025-32375 | Insecure Deserialization leads to RCE in BentoML's runner server — BentoML | 9.8 | Critical | 2025-04-09 |
| CVE-2025-30284 | ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusion | 8.4 | High | 2025-04-08 |
| CVE-2025-24447 | ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusion | 9.1 | Critical | 2025-04-08 |
| CVE-2025-30285 | ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusion | 8.4 | High | 2025-04-08 |
| CVE-2025-29793 | Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2025-04-08 |
| CVE-2025-3413 | opplus springboot-admin SysGeneratorController.java code deserialization — springboot-admin | 6.3 | Medium | 2025-04-08 |
| CVE-2025-3425 | Unauthenticated Remote Code Execution via .NET Deserialization — IntelliSpace Portal | 9.8 (AI) | Critical (AI) | 2025-04-07 |
| CVE-2025-2251 | Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution | 6.2 | Medium | 2025-04-07 |
| CVE-2025-31175 | Huawei EMUI and Huawei HarmonyOS security vulnerability — HarmonyOS | 8.4 | High | 2025-04-07 |
| CVE-2025-3250 | elunez eladmin Maintenance Management Module testConnect deserialization — eladmin | 4.3 | Medium | 2025-04-04 |
| CVE-2025-27520 | BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization — BentoML | 9.8 | Critical | 2025-04-04 |
| CVE-2025-2244 | Insecure PHP deserialization issue in GravityZone Console (VA-12634) — GravityZone Console | 9.8 (AI) | Critical (AI) | 2025-04-04 |
| CVE-2025-3165 | thu-pacman chitu backend.py torch.load deserialization — chitu | 5.3 | Medium | 2025-04-03 |
| CVE-2025-3162 | InternLM LMDeploy PT File utils.py load_weight_ckpt deserialization — LMDeploy | 5.3 | Medium | 2025-04-03 |
| CVE-2025-30889 | WordPress Testimonial Slider plugin <= 2.0.13 - PHP Object Injection vulnerability — Testimonial Slider | 8.8 | High | 2025-04-03 |
| CVE-2024-39780 | Use of unsafe yaml load in dynparam — Robot Operating System (ROS) | 7.8 | High | 2025-04-02 |
| CVE-2025-31612 | WordPress CBX Poll plugin <= 2.0.4 - PHP Object Injection vulnerability — CBX Poll | 9.8 | Critical | 2025-04-01 |
| CVE-2025-30892 | WordPress WpTravelly Plugin <= 1.8.7 - PHP Object Injection vulnerability — WpTravelly | 8.8 | High | 2025-04-01 |
| CVE-2025-27130 | Welcart e-Commerce code issue vulnerability — Welcart e-Commerce | 9.8 | - | 2025-04-01 |
| CVE-2025-30065 | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata — Apache Parquet Java | 9.8 (AI) | Critical (AI) | 2025-04-01 |
| CVE-2025-31074 | WordPress MDJM Event Management plugin <= 1.7.5.2 - PHP Object Injection vulnerability — Mobile DJ Manager | 8.8 | High | 2025-04-01 |
| CVE-2025-31087 | WordPress Multiple Shipping And Billing Address For Woocommerce plugin <= 1.5 - PHP Object Injection Vulnerability — Multiple Shipping And Billing Address For Woocommerce | 9.8 | Critical | 2025-04-01 |
| CVE-2025-31084 | WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability — Sunshine Photo Cart | 9.8 | Critical | 2025-04-01 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.