Falhas do tipo CWE-502

2.283 resultados
CVE-2025-71360HIGHpicklescan - Remote Code Execution via Undetected idlelib.calltip.get_entityEPSS 0.3%CVE-2025-3162MEDIUMInternLM LMDeploy PT File utils.py load_weight_ckpt deserializationEPSS 0.3%CVE-2025-71340HIGHpicklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcodeEPSS 0.3%CVE-2025-71343HIGHpicklescan - Arbitrary Code Execution via lib2to3.pgen2.pgen.ParserGenerator.make_label Detection BypassEPSS 0.3%CVE-2024-34075MEDIUMkurwov vulnerable to Denial of Service due to improper data sanitizationEPSS 0.3%CVE-2024-39630MEDIUMWordPress Timetable and Event Schedule by MotoPress plugin <= 2.4.13 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-4735HIGHA stack overflow and DoS vulnerability in DTStack/chunjunEPSS 0.3%CVE-2026-7712MEDIUMMindsDB Pickle pickle.loads deserializationEPSS 0.3%CVE-2026-10748HIGHNexus Repository 3 - Remote Code Execution via License DeserializationEPSS 0.3%CVE-2023-3324MEDIUM Insecure deserialization in zenon internal DLLsEPSS 0.3%CVE-2025-47553HIGHWordPress DZS Video Gallery plugin <= 12.25 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-10043HIGHMosaicML Composer Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.3%CVE-2023-52357MEDIUMVulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect EPSS 0.3%CVE-2026-24385HIGHWordPress Podlove Web Player plugin <= 5.9.1 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2025-60080HIGHWordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2025-60455HIGHUnsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature iEPSS 0.3%CVE-2026-37579HIGHAn issue in SMSGate sms-core<=2.1.13.6 allows a remote attacker to execute arbitrary code via the Cmpp7FDeliverRequestMessageCodec.java compEPSS 0.3%CVE-2024-14021HIGHLlamaIndex <= 0.11.6 BGEM3Index Unsafe DeserializationEPSS 0.3%CVE-2026-24216HIGHNVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of thisEPSS 0.3%CVE-2025-10950MEDIUMgeyang ml-logger Ping server.py log_handler deserializationEPSS 0.3%