Weaknesses of type CWE-502
2,215 resultsCVE-2023-21745HIGHMicrosoft Exchange Server Spoofing VulnerabilityEPSS 1.5%CVE-2024-28859MEDIUMGadget chain in Symfony 1 due to vulnerable Swift Mailer dependencyEPSS 1.5%CVE-2020-12000—The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-suppliedEPSS 1.5%CVE-2023-27296HIGHApache InLong: JDBC Deserialization Vulnerability in InLongEPSS 1.5%CVE-2022-39312CRITICALDataease Mysql Data Source JDBC Connection Parameters Not Verified Leads to Deserialization VulnerabilityEPSS 1.5%CVE-2023-39913HIGHApache UIMA Java SDK Core, Apache UIMA Java SDK CPE, Apache UIMA Java SDK Vinci adapter, Apache UIMA Java SDK tools: Potential untrusted code execution when deserializing certain binary CAS formatsEPSS 1.5%CVE-2022-31710HIGHvRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization oEPSS 1.5%CVE-2026-23864HIGHMultiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, reacEPSS 1.5%CVE-2025-32444CRITICALvLLM Vulnerable to Remote Code Execution via Mooncake IntegrationEPSS 1.5%CVE-2023-21703MEDIUMAzure Data Box Gateway Remote Code Execution VulnerabilityEPSS 1.5%CVE-2022-34268CRITICALAn issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command EPSS 1.5%CVE-2024-10553CRITICALJdbc Deserialization in h2oai/h2o-3EPSS 1.4%CVE-2025-53691HIGHSitecore Experience Remote Code Execution through Insecure DeserializationEPSS 1.4%CVE-2021-3838CRITICALPHAR Deserialization in dompdf/dompdfEPSS 1.4%CVE-2021-39132HIGHYAML deserialization can run untrusted codeEPSS 1.4%CVE-2023-26779CRITICALCleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution (RCE).EPSS 1.4%CVE-2023-35184HIGHSolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 1.4%CVE-2023-40195HIGHApache Airflow Spark Provider Deserialization Vulnerability RCEEPSS 1.4%CVE-2024-11041CRITICALRemote Code Execution in vllm-project/vllmEPSS 1.4%CVE-2024-36984HIGHRemote Code Execution through Serialized Session Payload in Splunk Enterprise on WindowsEPSS 1.4%