CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-26763 | WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability — Responsive Slider by MetaSlider | 9.8 | Critical | 2025-02-22 |
| CVE-2025-1556 | westboy CicadasCMS Template Management system deserialization — CicadasCMS | 4.7 | Medium | 2025-02-22 |
| CVE-2024-13899 | Mambo Importer <= 1.0 - Authenticated (Administrator+) PHP Object Injection — Mambo Importer | 7.2 | High | 2025-02-22 |
| CVE-2025-1403 | Qiskit SDK denial of service — Qiskit SDK | 8.6 | High | 2025-02-21 |
| CVE-2024-13789 | Ravpage <= 2.31 - PHP Object Injection — ravpage | 9.8 | Critical | 2025-02-20 |
| CVE-2024-37361 | Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data — Pentaho Data Integration & Analytics | 9.9 | Critical | 2025-02-19 |
| CVE-2024-28777 | IBM Cognos Controller code execution — Cognos Controller | 8.8 | High | 2025-02-19 |
| CVE-2024-12562 | s2Member Pro <= 241216 - Unauthenticated PHP Object Injection — s2Member Pro | 9.8 | Critical | 2025-02-15 |
| CVE-2024-56180 | Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution — Apache EventMesh | 9.8 | - | 2025-02-14 |
| CVE-2024-52577 | Apache Ignite: Possible RCE when deserializing incoming messages by the server node — Apache Ignite | 8.1 | - | 2025-02-14 |
| CVE-2024-13770 | Puzzles \| WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Unauthenticated PHP Object Injection — Puzzles \| WP Magazine / Review with Store WordPress Theme + RTL | 8.1 | High | 2025-02-13 |
| CVE-2025-1186 | dayrui XunRuiCMS Api.php deserialization — XunRuiCMS | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1177 | dayrui XunRuiCMS Linkage.php import_add deserialization — XunRuiCMS | 6.3 | Medium | 2025-02-11 |
| CVE-2025-24016 | Remote code execution in Wazuh server — wazuh | 9.9 | Critical | 2025-02-10 |
| CVE-2025-1113 | taisan tarzan-cms Add Theme admin#themes upload deserialization — tarzan-cms | 6.3 | Medium | 2025-02-07 |
| CVE-2024-9664 | WP All Import Pro <= 4.9.7 - Authenticated (Administrator+) PHP Object Injection via Import File — WP All Import Pro | 7.2 | High | 2025-02-07 |
| CVE-2025-1077 | Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather) — Visual Weather | 9.8 | - | 2025-02-07 |
| CVE-2025-0994 | Trimble Cityworks security vulnerability — Cityworks | 8.8 | - | 2025-02-06 |
| CVE-2025-20124 | Cisco Identity Services Engine Java Deserialization Vulnerability — Cisco Identity Services Engine Software | 9.9 | Critical | 2025-02-05 |
| CVE-2025-24661 | WordPress Taxi Booking Manager for WooCommerce plugin <= 1.1.8 - PHP Object Injection vulnerability — Taxi Booking Manager for WooCommerce | 8.8 | High | 2025-02-03 |
| CVE-2025-0974 | MaxD Lightning Module deserialization — Lightning Module | 5.0 | Medium | 2025-02-03 |
| CVE-2024-13742 | iControlWP – Multiple WordPress Site Manager <= 4.4.5 - Unauthenticated PHP Object Injection — iControlWP | 9.8 | Critical | 2025-01-30 |
| CVE-2025-0841 | Aridius XYZ News loadMore deserialization — XYZ | 7.3 | High | 2025-01-29 |
| CVE-2025-24794 | The Snowflake Connector for Python uses insecure deserialization of the OCSP response cache — snowflake-connector-python | 6.7 | Medium | 2025-01-29 |
| CVE-2025-23045 | CVAT allows remote code execution via tracker Nuclio functions — cvat | 8.8 | - | 2025-01-28 |
| CVE-2024-0140 | NVIDIA RAPIDS code issue vulnerability — RAPIDS cuDF and cuML | 6.8 | Medium | 2025-01-28 |
| CVE-2025-0734 | y_project RuoYi Whitelist getBeanName deserialization — RuoYi | 4.7 | Medium | 2025-01-27 |
| CVE-2025-24357 | vLLM allows a malicious model RCE by torch.load in hf_model_weights_iterator — vllm | 7.5 | High | 2025-01-27 |
| CVE-2025-24671 | WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability — Save as PDF | 9.8 | Critical | 2025-01-27 |
| CVE-2025-24601 | WordPress FundPress plugin <= 2.0.6 - PHP Object Injection vulnerability — FundPress | 9.8 | Critical | 2025-01-27 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.