CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title — Product | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1651 | Torrentpier 2.4.1 - RCE — Torrentpier | 10.0 | Critical | 2024-02-19 |
| CVE-2023-40057 | SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights Manager | 9.0 | Critical | 2024-02-15 |
| CVE-2024-23478 | SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights Manager | 8.0 | High | 2024-02-15 |
| CVE-2023-46615 | WordPress KD Coming Soon Plugin <= 1.7 is vulnerable to PHP Object Injection — KD Coming Soon | 5.4 | Medium | 2024-02-12 |
| CVE-2024-23512 | WordPress ProductX – Gutenberg WooCommerce Blocks Plugin <= 3.1.4 is vulnerable to PHP Object Injection — ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks | 8.7 | High | 2024-02-12 |
| CVE-2024-23513 | WordPress PropertyHive Plugin <= 2.0.5 is vulnerable to PHP Object Injection — PropertyHive | 8.7 | High | 2024-02-12 |
| CVE-2024-24796 | WordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object Injection — Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin | 8.2 | High | 2024-02-12 |
| CVE-2024-24797 | WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection — ERE Recently Viewed – Essential Real Estate Add-On | 9.8 | Critical | 2024-02-12 |
| CVE-2024-24926 | WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object Injection — Brooklyn \| Creative Multi-Purpose Responsive WordPress Theme | 7.5 | High | 2024-02-12 |
| CVE-2024-25100 | WordPress Coupon Referral Program plugin < 1.8.4 - Unauthenticated PHP Object Injection vulnerability — Coupon Referral Program | 10.0 | Critical | 2024-02-12 |
| CVE-2024-1432 | DeepFaceLab main.py apply_xseg deserialization — DeepFaceLab | 5.0 | Medium | 2024-02-11 |
| CVE-2024-1353 | PHPEMS index.api.php index deserialization — PHPEMS | 6.3 | Medium | 2024-02-09 |
| CVE-2024-24590 | Allegro code issue vulnerability — ClearML | 8.0 | High | 2024-02-06 |
| CVE-2024-0668 | Advanced Database Cleaner <= 3.1.3 - Authenticated(Administrator+) PHP Object Injection via process_bulk_action — Advanced Database Cleaner – Optimize & Clean Database to Speed Up Site Performance | 6.6 | Medium | 2024-02-05 |
| CVE-2023-6933 | Better Search Replace <= 1.4.4 - Unauthenticated PHP Object Injection — Better Search Replace | 8.8 | High | 2024-02-05 |
| CVE-2024-1225 | QiboSoft QiboCMS X1 Pay.php rmb_pay deserialization — QiboCMS X1 | 7.3 | High | 2024-02-05 |
| CVE-2024-1198 | openBI Phar User.php addxinzhi deserialization — openBI | 6.3 | Medium | 2024-02-02 |
| CVE-2024-22320 | IBM Operational Decision Manager code execution — Operational Decision Manager | 9.8 | Critical | 2024-02-02 |
| CVE-2024-23328 | The Dataease datasource exists deserialization and arbitrary file read vulnerability — dataease | 9.1 | Critical | 2024-02-01 |
| CVE-2024-1032 | openBI Test Connection Databasesource.php testConnection deserialization — openBI | 7.3 | High | 2024-01-30 |
| CVE-2024-0960 | flink-extended ai-flow workflow_command.py cloudpickle.loads deserialization — ai-flow | 5.0 | Medium | 2024-01-27 |
| CVE-2024-0959 | StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserialization — GibsonEnv | 5.0 | Medium | 2024-01-27 |
| CVE-2024-0937 | van_der_Schaar LAB synthcity PKL File load_from_file deserialization — synthcity | 6.3 | Medium | 2024-01-26 |
| CVE-2024-20253 | Cisco Unified Communications Products security vulnerability — Cisco Unified Contact Center Enterprise | 9.9 | Critical | 2024-01-26 |
| CVE-2024-0936 | van_der_Schaar LAB TemporAI PKL File load_from_file deserialization — TemporAI | 6.3 | Medium | 2024-01-26 |
| CVE-2023-50943 | Apache Airflow: Potential pickle deserialization vulnerability in XComs — Apache Airflow | 8.2 | - | 2024-01-24 |
| CVE-2024-22284 | WordPress Asgaros Forum Plugin <= 2.7.2 is vulnerable to PHP Object Injection — Asgaros Forum | 8.7 | High | 2024-01-24 |
| CVE-2024-22309 | WordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object Injection — ChatBot with AI | 8.7 | High | 2024-01-24 |
| CVE-2024-23636 | SOFARPC Remote Command Execution(RCE) Vulnerability — sofa-rpc | 9.8 | Critical | 2024-01-23 |
| CVE-2024-0739 | Hecheng Leadshop leadshop.php deserialization — Leadshop | 7.3 | High | 2024-01-19 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.