Vulnerabilities of type CWE-502

2,215 results
CVE-2020-5341 (CRITICAL, EPSS 4.3%): Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integr
CVE-2024-12741 (HIGH, EPSS 4.2%): Deserialization Of Untrusted Data Vulnerability In NI DAQExpress Project File
CVE-2023-40057 (CRITICAL, EPSS 4.2%): SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution
CVE-2020-8164 (EPSS 4.2%): A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply informati
CVE-2021-34992 (HIGH, EPSS 4.1%): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is r
CVE-2021-37578 (EPSS 4.1%): Remote code execution via RMI
CVE-2021-39145 (HIGH, EPSS 4.1%): XStream is vulnerable to an Arbitrary Code Execution attack
CVE-2023-21706 (HIGH, EPSS 4.1%): Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-42323 (HIGH, EPSS 4.1%): Apache HertzBeat: RCE by snakeYaml deser load malicious xml
CVE-2019-14893 (HIGH, EPSS 4.0%): A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserializat
CVE-2020-12007 (EPSS 3.9%): A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition du
CVE-2024-6944 (MEDIUM, EPSS 3.8%): ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization
CVE-2022-21341 (MEDIUM, EPSS 3.8%): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versi
CVE-2019-19230 (CRITICAL, EPSS 3.8%): An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remot
CVE-2021-27466 (CRITICAL, EPSS 3.7%): Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
CVE-2022-21828 (EPSS 3.7%): A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a uns
CVE-2021-27462 (CRITICAL, EPSS 3.7%): Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
CVE-2021-27470 (CRITICAL, EPSS 3.7%): Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
CVE-2021-31010 (HIGH, EPSS 3.7%, KEV): A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS
CVE-2020-6770 (CRITICAL, EPSS 3.6%): Deserialization of Untrusted Data in Bosch BVMS Mobile Video Service