Vulnerabilities of type CWE-502

2228 results
CVE-2023-46801 | HIGH | Apache Linkis DataSource: DataSource Remote code execution vulnerability | EPSS 1.2%
CVE-2023-31058 | HIGH | Apache InLong: JDBC URL bypassing by adding blanks | EPSS 1.2%
CVE-2024-26580 | CRITICAL | Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability | EPSS 1.2%
CVE-2021-21863 | HIGH | A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development Sys | EPSS 1.2%
CVE-2024-12044 | CRITICAL | Remote Code Execution by Pickle Deserialization in open-mmlab/mmdetection | EPSS 1.2%
CVE-2024-31224 | CRITICAL | GPT Academic: Pickle deserializing cookies may pose RCE risk | EPSS 1.2%
CVE-2024-23328 | CRITICAL | The Dataease datasource exists deserialization and arbitrary file read vulnerability | EPSS 1.2%
CVE-2023-38689 | HIGH | Deserialization of Untrusted Data in network IO | EPSS 1.2%
CVE-2024-2006 | HIGH | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.7 - Authenticated (Contributor+) PHP Object Injection in outpost_shortcode_metabox_markup | EPSS 1.2%
CVE-2023-50943 | HIGH | Apache Airflow: Potential pickle deserialization vulnerability in XComs | EPSS 1.2%
CVE-2022-2434 | HIGH | String Locator <= 2.5.0 - Cross-Site Request Forgery to PHAR Deserialization | EPSS 1.2%
CVE-2023-28754 | HIGH | ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent | EPSS 1.2%
CVE-2021-21426 | CRITICAL | Fixes a bug in Zend Framework's Stream HTTP Wrapper | EPSS 1.2%
CVE-2023-3232 | MEDIUM | Zhong Bang CRMEB Image Upload app_auth deserialization | EPSS 1.2%
CVE-2021-32742 | HIGH | Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash | EPSS 1.2%
CVE-2024-28213 | CRITICAL | nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbi | EPSS 1.2%
CVE-2022-43567 | HIGH | Remote Code Execution via the Splunk Secure Gateway application Mobile Alerts feature | EPSS 1.2%
CVE-2024-6793 | CRITICAL | Deserialization of Untrusted Data in NI VeriStand DataLogging Server | EPSS 1.2%
CVE-2023-51518 | CRITICAL | Apache James server: Privilege escalation via JMX pre-authentication deserialisation | EPSS 1.2%
CVE-2023-40571 | CRITICAL | weblogic-framework Deserialization of Untrusted Data vulnerability | EPSS 1.2%