CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1676

1676 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-29875 | Code issue vulnerability in multiple Siemens products — Biograph Horizon PET/CT Systems | 9.8 | - | 2022-06-01 |
| CVE-2022-1660 | Keysight N6854A Geolocation server and N6841A RF Sensor software — N6854A Geolocation server and N6841A RF Sensor software | 9.8 | Critical | 2022-05-31 |
| CVE-2021-32935 | Cognex In-Sight OPC Server - Deserialization of Untrusted Data — In-Sight OPC Server | 8.8 | High | 2022-05-23 |
| CVE-2022-1118 | Rockwell Automation ISaGRAF Deserialization of Untrusted Data — Connected Component Workbench | 8.6 | High | 2022-05-17 |
| CVE-2022-0573 | JFrog Artifactory code issue vulnerability — JFrog Artifactory | 8.8 | High | 2022-05-16 |
| CVE-2022-1463 | Booking Calendar <= 9.1 - PHP Object Injection via Shortcode — Booking Calendar | 8.8 | High | 2022-05-10 |
| CVE-2021-21956 | CloudLinux Imunify360 code issue vulnerability — Imunify360 | 8.4 | - | 2022-04-14 |
| CVE-2022-23450 | Siemens SIMATIC code issue vulnerability — SIMATIC Energy Manager Basic | 9.8 | - | 2022-04-12 |
| CVE-2022-20763 | Cisco Webex Meetings Java Deserialization Vulnerability — Cisco Webex Meetings | 5.4 | Medium | 2022-04-06 |
| CVE-2022-1032 | Insecure deserialization of not validated module file in crater-invoice/crater — crater-invoice/crater | 7.2 | - | 2022-03-29 |
| CVE-2019-6834 | Schneider Electric Software Update code issue vulnerability — Software Update (SESU) – SUT Service component | 7.3 | High | 2022-03-28 |
| CVE-2021-27475 | Rockwell Automation Connected Components Workbench Deserialization of Untrusted Data — Connected Components Workbench | 8.6 | High | 2022-03-23 |
| CVE-2021-27470 | Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data — FactoryTalk AssetCentre | 10.0 | Critical | 2022-03-23 |
| CVE-2021-27466 | Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data — FactoryTalk AssetCentre | 10.0 | Critical | 2022-03-23 |
| CVE-2021-27462 | Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data — FactoryTalk AssetCentre | 10.0 | Critical | 2022-03-23 |
| CVE-2021-27460 | Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data — FactoryTalk AssetCentre | 10.0 | Critical | 2022-03-23 |
| CVE-2022-24282 | Siemens SINEC NMS code issue vulnerability — SINEC NMS | 7.2 | High | 2022-03-08 |
| CVE-2022-21828 | Incapptic Connect security vulnerability — Ivanti Incapptic Connect | 7.2 | - | 2022-03-04 |
| CVE-2022-0138 | Airspan Networks Mimosa Deserialization of Untrusted Data — MMP | 7.5 | High | 2022-02-18 |
| CVE-2022-24289 | Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions — Apache Cayenne | 8.8 | - | 2022-02-11 |
| CVE-2022-23307 | A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. — Apache Log4j 1.x | 9.8 | - | 2022-01-18 |
| CVE-2022-23302 | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x — Apache Log4j 1.x | 8.8 | - | 2022-01-18 |
| CVE-2021-43297 | Dubbo Hessian cause RCE when parse error — Apache Dubbo | 9.8 | - | 2022-01-10 |
| CVE-2021-42392 | H2database code issue vulnerability — h2 | 9.8 | - | 2022-01-07 |
| CVE-2022-21647 | Deserialization of Untrusted Data in Codeigniter4 — CodeIgniter4 | 7.7 | High | 2022-01-04 |
| CVE-2021-20318 | Red Hat Jboss Enterprise Application Platform 7 code issue vulnerability — Artemis in EAP 7 | 7.2 | - | 2021-12-23 |
| CVE-2021-4118 | Deserialization of Untrusted Data in pytorchlightning/pytorch-lightning — pytorchlightning/pytorch-lightning | 7.8 | - | 2021-12-23 |
| CVE-2021-36336 | Dell Wyse Management Suite code issue vulnerability — Wyse Management Suite | 9.8 | Critical | 2021-12-21 |
| CVE-2021-42550 | RCE from attacker with configuration edit privileges through JNDI lookup — logback | 6.6 | Medium | 2021-12-16 |
| CVE-2021-4104 | Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 — Apache Log4j 1.x | 7.5 | - | 2021-12-14 |

Vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data) represent 1676 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.