Weaknesses of type CWE-502
2,215 resultsCVE-2020-15098HIGHMissing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMSEPSS 2.2%CVE-2020-6959—The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMEPSS 2.2%CVE-2024-49070HIGHMicrosoft SharePoint Remote Code Execution VulnerabilityEPSS 2.2%CVE-2022-24289—Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versionsEPSS 2.2%CVE-2023-35186HIGHSolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 2.2%CVE-2023-34040MEDIUMJava Deserialization vulnerability in Spring-Kafka When Improperly ConfiguredEPSS 2.2%CVE-2021-29476CRITICALInsecure Deserialization of untrusted data in rmccue/requestsEPSS 2.1%CVE-2024-30042HIGHMicrosoft Excel Remote Code Execution VulnerabilityEPSS 2.1%CVE-2018-7529—A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modifEPSS 2.1%CVE-2025-30382HIGHMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 2.1%CVE-2023-29216CRITICALApache Linkis DatasourceManager module has a deserialization command executionEPSS 2.1%CVE-2023-29215CRITICALApache Linkis JDBC EngineCon has a deserialization command executionEPSS 2.1%CVE-2026-33112HIGHMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 2.1%CVE-2021-24384—JoomSport < 5.1.8 - Unauthenticated PHP Object InjectionEPSS 2.1%CVE-2024-3568LOWArbitrary Code Execution via Deserialization in huggingface/transformersEPSS 2.1%CVE-2024-20253CRITICALA vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attackEPSS 2.1%CVE-2020-17405HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. AuthenEPSS 2.0%CVE-2022-40955HIGHDeserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBCEPSS 2.0%CVE-2026-44963CRITICALA vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.EPSS 2.0%CVE-2020-12015—A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper deserializatEPSS 2.0%