Falhas do tipo CWE-502

2.284 resultados
CVE-2026-7818HIGHpgAdmin 4: Unsafe deserialization (CWE-502) in file-backed session manager leads to remote code executionEPSS 0.1%CVE-2026-25551HIGHSeagull Software BarTender Deserialization Privilege Escalation via .NET Remoting ServiceEPSS 0.1%CVE-2025-41700HIGHCODESYS Development System - Deserialization of Untrusted DataEPSS 0.1%CVE-2026-34993MEDIUMAIOHTTP Vulnerable to Deserialization of Untrusted DataEPSS 0.1%CVE-2026-8612MEDIUMWWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code executionEPSS 0.1%CVE-2024-39673MEDIUMVulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affeEPSS 0.1%CVE-2026-23685MEDIUMInsecure Deserialization vulnerability in SAP NetWeaver (JMS service)EPSS 0.1%CVE-2024-8375MEDIUMObject deserialization in Reverb leading to RCEEPSS 0.1%CVE-2026-10566MEDIUMFoundationAgents MetaGPT schema.py Message.check_instruct_content deserializationEPSS 0.1%CVE-2024-43080HIGHIn onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to EPSS 0.1%CVE-2026-0895MEDIUMInsecure Deserialization in extension "Mailqueue" (mailqueue)EPSS 0.1%CVE-2026-14723MEDIUMAD-Security AD_Miner Cache analyse_cache.py request_a deserializationEPSS 0.1%CVE-2024-8885HIGHA local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writinEPSS 0.1%CVE-2025-8747HIGHKeras safe_mode bypass allows arbitrary code execution when loading a malicious model.EPSS 0.1%CVE-2022-32601HIGHIn telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with nEPSS 0.1%CVE-2025-7433HIGHA local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrarEPSS 0.1%CVE-2025-54620MEDIUMDeserialization vulnerability of untrusted data in the ability module. Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2025-54640MEDIUMParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control EPSS 0.1%CVE-2025-54639MEDIUMParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control EPSS 0.1%CVE-2025-32312HIGHIn createIntentsList of PackageParser.java , there is a possible way to bypass lazy bundle hardening, allowing modified data to be passed toEPSS 0.1%