Fallos del tipo CWE-502

2206 resultados

CVE-2025-26399CRITICALSolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation VulnerabilityEPSS 88.3%KEV CVE-2024-40711CRITICALA deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).EPSS 88.2%KEV CVE-2018-15381CRITICALCisco Unity Express Arbitrary Command Execution VulnerabilityEPSS 87.3%CVE-2020-10915CRITICALThis vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. AuthenticationEPSS 86.6%CVE-2023-36035HIGHMicrosoft Exchange Server Spoofing VulnerabilityEPSS 86.6%CVE-2022-36974CRITICALThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authEPSS 85.1%CVE-2022-38111HIGHSolarWinds Platform Deserialization of Untrusted Data VulnerabilityEPSS 84.8%CVE-2024-28986CRITICALSolarWinds Web Help Desk Java Deserialization Remote Code Execution VulnerabilityEPSS 84.6%KEV CVE-2025-40551CRITICALSolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 84.1%KEV CVE-2024-30044HIGHMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 84.0%CVE-2019-9874CRITICALDeserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 toEPSS 83.9%KEV CVE-2022-36958HIGHSolarWinds Platform Deserialization of Untrusted DataEPSS 82.7%CVE-2023-43208CRITICALNextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability iEPSS 82.7%KEV CVE-2021-21351MEDIUMXStream is vulnerable to an Arbitrary Code Execution attackEPSS 82.6%CVE-2023-20888HIGHAria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria OEPSS 82.3%CVE-2023-21707HIGHMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 82.0%CVE-2023-32031HIGHMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 81.8%CVE-2023-36744HIGHMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 81.7%CVE-2021-42125—An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to EPSS 81.6%CVE-2024-23478HIGHSolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code ExecutionEPSS 81.6%

← anteriorpágina 3 / 111siguiente →