CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-47599 | WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection — File Manager – 100% Free & Open Source File Manager Plugin for WordPress \| Bit File Manager | 5.5 | Medium | 2023-12-20 |
| CVE-2023-7018 | Deserialization of Untrusted Data in huggingface/transformers — huggingface/transformers | 9.8 | - | 2023-12-20 |
| CVE-2023-49773 | WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection — BCorp Shortcodes | 10.0 | Critical | 2023-12-20 |
| CVE-2023-49772 | WordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object Injection — Genesis Simple Love | 10.0 | Critical | 2023-12-20 |
| CVE-2023-28782 | WordPress Gravity Forms Plugin <= 2.7.3 is vulnerable to PHP Object Injection — Gravity Forms | 8.3 | High | 2023-12-20 |
| CVE-2023-40555 | WordPress Flatsome Theme <= 3.17.5 is vulnerable to PHP Object Injection — Flatsome \| Multi-Purpose Responsive WooCommerce Theme | 8.3 | High | 2023-12-20 |
| CVE-2023-46147 | WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection — Themify Ultra | 7.4 | High | 2023-12-20 |
| CVE-2023-47507 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object Injection — Master Slider Pro | 7.1 | High | 2023-12-20 |
| CVE-2023-34027 | WordPress Recently Viewed Products Plugin <= 1.0.0 is vulnerable to PHP Object Injection — Recently Viewed Products | 8.3 | High | 2023-12-19 |
| CVE-2023-34382 | WordPress Dokan Plugin <= 3.7.19 is vulnerable to PHP Object Injection — Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | 4.4 | Medium | 2023-12-19 |
| CVE-2023-37390 | WordPress Themesflat Addons For Elementor Plugin <= 2.0.0 is vulnerable to PHP Object Injection — Themesflat Addons For Elementor | 8.3 | High | 2023-12-19 |
| CVE-2023-6730 | Deserialization of Untrusted Data in huggingface/transformers — huggingface/transformers | 9.8 | - | 2023-12-19 |
| CVE-2023-46154 | WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection — E2Pdf – Export To Pdf Tool for WordPress | 6.6 | Medium | 2023-12-18 |
| CVE-2023-49819 | WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection — Structured Content (JSON-LD) #wpsc | 7.5 | High | 2023-12-18 |
| CVE-2023-46279 | Apache Dubbo: Bypass deny serialize list check in Apache Dubbo — Apache Dubbo | 9.8 | - | 2023-12-15 |
| CVE-2023-29234 | Bypass serialize checks in Apache Dubbo — Apache Dubbo | 9.8 | - | 2023-12-15 |
| CVE-2023-6656 | DeepFaceLab DFLJPG.py deserialization — DeepFaceLab | 5.0 | Medium | 2023-12-10 |
| CVE-2023-6654 | PHPEMS Session Data session.cls.php deserialization — PHPEMS | 6.3 | Medium | 2023-12-10 |
| CVE-2023-6580 | D-Link DIR-846 QoS POST deserialization — DIR-846 | 8.8 | High | 2023-12-07 |
| CVE-2023-49297 | Unsafe YAML deserialization in PyDrive2 — PyDrive2 | 3.3 | Low | 2023-12-05 |
| CVE-2023-46674 | Elasticsearch-hadoop Unsafe Deserialization — Elasticsearch-Hadoop | 6.0 | Medium | 2023-12-05 |
| CVE-2023-47207 | Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data — InfraSuite Device Master | 9.8 | Critical | 2023-11-30 |
| CVE-2023-46302 | Apache Submarine: Fix CVE-2022-1471 SnakeYaml unsafe deserialization — Apache Submarine | 9.8 (AI) | Critical (AI) | 2023-11-20 |
| CVE-2023-44351 | Adobe ColdFusion RCE Security Vulnerability — ColdFusion | 9.8 | Critical | 2023-11-17 |
| CVE-2023-44353 | ColdFusion WDDX Deserialization Gadgets — ColdFusion | 9.8 | Critical | 2023-11-17 |
| CVE-2023-44350 | ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusion | 9.8 | Critical | 2023-11-17 |
| CVE-2023-47130 | Unsafe deserialization of user data in yiisoft/yii — yii | 8.1 | High | 2023-11-14 |
| CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-11-14 |
| CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-11-14 |
| CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 12 | 8.0 | High | 2023-11-14 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.