Fallos del tipo CWE-502
2250 resultadosCVE-2024-10957HIGHUpdraftPlus: WP Backup & Migration Plugin 1.23.8 - 1.24.11 - Unauthenticated PHP Object InjectionEPSS 0.7%CVE-2026-0762HIGHGPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.7%CVE-2022-23535HIGHLiteDB contains Deserialization of Untrusted DataEPSS 0.7%CVE-2024-12138MEDIUMhorilla create_skills deserializationEPSS 0.7%CVE-2026-27794MEDIUMLangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code ExecutionEPSS 0.7%CVE-2024-56180CRITICALApache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code executionEPSS 0.7%CVE-2024-30228CRITICALWordPress Hercules Core plugin <= 6.4 - Auth. PHP Object Injection vulnerabilityEPSS 0.7%CVE-2024-37054HIGHDeserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploadEPSS 0.7%CVE-2024-5871CRITICALWooCommerce - Social Login <= 2.6.2 - Unauthenticated PHP Object InjectionEPSS 0.7%CVE-2021-47952CRITICALpython jsonpickle 2.0.0 Remote Code Execution via py/reprEPSS 0.7%CVE-2025-42964CRITICALInsecure Deserialization in SAP NetWeaver Enterprise Portal AdministrationEPSS 0.7%CVE-2024-4157HIGHContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValuesEPSS 0.7%CVE-2025-42966CRITICALInsecure Deserialization vulnerability in SAP NetWeaver (XML Data Archiving Service)EPSS 0.7%CVE-2026-24747HIGHPyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint FilesEPSS 0.7%CVE-2025-24357HIGHvLLM allows a malicious model RCE by torch.load in hf_model_weights_iteratorEPSS 0.7%CVE-2024-24550HIGHBludit - Remote Code Execution (RCE) through File APIEPSS 0.7%CVE-2026-42027CRITICALApache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoaderEPSS 0.7%CVE-2023-49777CRITICALWordPress YITH WooCommerce Product Add-Ons Plugin <= 4.3.0 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2025-1971HIGHExport and Import Users and Customers <= 2.6.2 - Authenticated (Admin+) PHP Object Injection via form_data ParameterEPSS 0.7%CVE-2022-33900MEDIUMWordPress Easy Digital Downloads plugin <= 3.0.1 - PHP Object Injection vulnerabilityEPSS 0.7%