CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1677

1677 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-21568 | Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability — SQL Server Integration Services for Visual Studio 2019 | 7.3 | High | 2023-02-14 |
| CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.8 | High | 2023-02-14 |
| CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 12 | 8.8 | High | 2023-02-14 |
| CVE-2023-25558 | Deserialization of untrusted data in DataHub — datahub | 7.5 | High | 2023-02-10 |
| CVE-2022-3568 | ImageMagick Engine <= 1.7.5 - Cross-Site Request Forgery to PHAR Deserialization — ImageMagick Engine | 8.8 | High | 2023-02-09 |
| CVE-2023-25194 | Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect — Apache Kafka Connect API | 8.8 | - | 2023-02-07 |
| CVE-2023-0669 | Fortra GoAnywhere MFT License Response Servlet Command Injection — Goanywhere MFT | 8.8 | - | 2023-02-06 |
| CVE-2023-24997 | Apache InLong: Jdbc Connection Security Bypass — Apache InLong | 9.8 | - | 2023-02-01 |
| CVE-2022-44645 | Apache Linkis (incubating): The DatasourceManager module has a serialization attack vulnerability — Apache Linkis (incubating) | 8.8 | - | 2023-01-31 |
| CVE-2022-32521 | Schneider Electric StruxureWare Data Center Expert code issue vulnerability — Data Center Expert | 7.1 | High | 2023-01-30 |
| CVE-2022-4890 | abhilash1985 PredictApp Cookie new_framework_defaults_7_0.rb deserialization — PredictApp | 6.3 | Medium | 2023-01-16 |
| CVE-2022-41778 | Delta Electronics InfraSuite Device Master code issue vulnerability — InfraSuite Device Master | 9.8 | Critical | 2023-01-12 |
| CVE-2023-21779 | Visual Studio Code Remote Code Execution Vulnerability — Visual Studio Code | 7.8 | High | 2023-01-10 |
| CVE-2023-21762 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-01-10 |
| CVE-2023-21745 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2023-01-10 |
| CVE-2023-21744 | Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 8.8 | High | 2023-01-10 |
| CVE-2023-21538 | .NET Denial of Service Vulnerability — .NET 6.0 | 7.5 | High | 2023-01-10 |
| CVE-2021-32828 | Regular expression Denial of Service in MooTools — Nuxeo | 5.4 | Medium | 2023-01-05 |
| CVE-2021-32824 | Regular expression Denial of Service in MooTools — Dubbo | 9.8 | Critical | 2023-01-03 |
| CVE-2022-32224 | Rails code issue vulnerability — https://github.com/rails/rails | 9.8 | - | 2022-12-05 |
| CVE-2022-46366 | Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input — Apache Tapestry | 9.8 | - | 2022-12-02 |
| CVE-2022-36964 | SolarWinds Platform Deserialization of Untrusted Data — SolarWinds Platform | 8.8 | High | 2022-11-29 |
| CVE-2022-41958 | Deserialization Vulnerability by yaml config input in super-xray — super-xray | 7.3 | High | 2022-11-25 |
| CVE-2022-41875 | Remote Code Execution in Optica — optica | 10.0 | Critical | 2022-11-23 |
| CVE-2022-41922 | yiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user input — yii | 8.1 | High | 2022-11-23 |
| CVE-2022-3861 | Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection — Betheme | 8.8 | High | 2022-11-21 |
| CVE-2022-3525 | Deserialization of Untrusted Data in librenms/librenms — librenms/librenms | 9.8 | - | 2022-11-20 |
| CVE-2022-45047 | Apache MINA SSHD: Java unsafe deserialization vulnerability — Apache MINA SSHD | 9.8 | - | 2022-11-16 |
| CVE-2022-45136 | Apache Jena SDB allows arbitrary deserialisation via JDBC — Apache Jena SDB | 9.8 | - | 2022-11-14 |
| CVE-2022-41203 | SAP BusinessObjects BI Platform code issue vulnerability — SAP BusinessObjects Business Intelligence Platform (Central Management Console and BI Launchpad) | 8.8 | - | 2022-11-08 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1677 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.