Fallos del tipo CWE-502

2275 resultados
CVE-2025-29310CRITICALAn issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerabilitEPSS 0.5%CVE-2025-22526CRITICALWordPress PHP/MySQL CPU performance statistics Plugin <= 1.2.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-5497MEDIUMslackero phpwcms Feedimport processing.inc.php deserializationEPSS 0.5%CVE-2026-22497CRITICALWordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22501CRITICALWordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22417CRITICALWordPress Grand Wedding theme < 3.1.11 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-24378CRITICALWordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2023-49297LOWUnsafe YAML deserialization in PyDrive2EPSS 0.5%CVE-2026-22507CRITICALWordPress Beelove theme <= 1.2.6 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-54001CRITICALWordPress Classter theme <= 2.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22500CRITICALWordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22451CRITICALWordPress Handyman theme <= 1.4.7 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-69872CRITICALDiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache direcEPSS 0.5%CVE-2024-32603HIGHWordPress WooBuddy plugin <= 3.4.20 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-42380CRITICALWordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-2855MEDIUMelunez eladmin upload checkFile deserializationEPSS 0.5%CVE-2026-22454CRITICALWordPress Solaris theme <= 2.5 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-67995CRITICALWordPress PatioTime theme < 2.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-22453CRITICALWordPress Pets Club theme <= 2.3 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-52414CRITICALWordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerabilityEPSS 0.5%