CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-41874 | ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusion | 9.8 | Critical | 2024-09-13 |
| CVE-2024-28991 | SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights Manager | 9.0 | Critical | 2024-09-12 |
| CVE-2024-45855 | MindsDB security vulnerability — mindsdb | 7.1 | High | 2024-09-12 |
| CVE-2024-45854 | MindsDB security vulnerability — mindsdb | 7.1 | High | 2024-09-12 |
| CVE-2024-45853 | MindsDB security vulnerability — mindsdb | 7.1 | High | 2024-09-12 |
| CVE-2024-45852 | MindsDB security vulnerability — mindsdb | 8.8 | High | 2024-09-12 |
| CVE-2024-45857 | Cleanlab security vulnerability — cleanlab | 7.8 | High | 2024-09-12 |
| CVE-2024-43466 | Microsoft SharePoint Server Denial of Service Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 6.5 | Medium | 2024-09-10 |
| CVE-2024-43464 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.2 | High | 2024-09-10 |
| CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 8.8 | High | 2024-09-10 |
| CVE-2024-37288 | Elastic Kibana security vulnerability — Kibana | 9.9 | Critical | 2024-09-09 |
| CVE-2024-7435 | Attire <= 2.0.6 - Authenticated (Contributor+) PHP Object Injection — Attire | 8.8 | High | 2024-08-31 |
| CVE-2024-8016 | The Events Calendar Pro <= 7.0.2 - Authenticated (Administrator+) PHP Object Injection to Remote Code Execution — The Events Calendar Pro | 9.1 | Critical | 2024-08-30 |
| CVE-2024-2694 | Betheme <= 27.5.6 - Authenticated (Contributor+) PHP Object Injection — Betheme | 8.8 | High | 2024-08-30 |
| CVE-2024-8255 | Path Traversal in Ocean Data Systems Dream Report — DTN Soft | 9.8 AI | Critical AI | 2024-08-29 |
| CVE-2024-43931 | WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - PHP Object Injection vulnerability — JobSearch | 9.8 | Critical | 2024-08-29 |
| CVE-2022-2440 | Theme Editor <= 2.8 - Authenticated (Admin+) PHAR Deserialization — Theme Editor | 7.2 | High | 2024-08-29 |
| CVE-2024-8030 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.0.3 - Unauthenticated PHP Object Injection — Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor | 9.8 | Critical | 2024-08-28 |
| CVE-2024-7351 | Simple Job Board <= 2.12.3 - Authenticated (Editor+) PHP Object Injection — Simple Job Board | 7.2 | High | 2024-08-24 |
| CVE-2024-5335 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 1.6.4 - Unauthenticated PHP Object Injection — Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor | 9.8 | Critical | 2024-08-21 |
| CVE-2024-42362 | GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import — HertzBeat | 8.8 | High | 2024-08-20 |
| CVE-2024-42363 | GHSL-2023-136_Samson — Samson | 8.8 | High | 2024-08-20 |
| CVE-2024-8003 | Go-Tribe gotribe-admin Log routes.go InitRoutes deserialization — gotribe-admin | 3.5 | Low | 2024-08-20 |
| CVE-2024-5932 | GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution — GiveWP – Donation Plugin and Fundraising Platform | 10.0 | Critical | 2024-08-20 |
| CVE-2024-43354 | WordPress myCred plugin <= 2.7.2 - PHP Object Injection vulnerability — myCred | 9.8 AI | Critical AI | 2024-08-19 |
| CVE-2024-43252 | WordPress Crew HRM plugin <= 1.1.1 - PHP Object Injection vulnerability — Crew HRM | 9.0 | Critical | 2024-08-19 |
| CVE-2024-43242 | WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated PHP Object Injection vulnerability — Ultimate Membership Pro | 9.8 AI | Critical AI | 2024-08-19 |
| CVE-2024-37099 | WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability — GiveWP | 10.0 | Critical | 2024-08-19 |
| CVE-2024-28986 | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability — Web Help Desk | 9.8 | Critical | 2024-08-13 |
| CVE-2024-43141 | WordPress Participants Database plugin <= 2.5.9.2 - PHP Object Injection vulnerability — Participants Database | 9.8 | Critical | 2024-08-13 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.