Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,743 vulnerabilities with CWE-502

CVE-2025-33243 HIGH

NVIDIA NeMo < 2.6.1 - Remote Code Execution via Untrusted Data Deserialization

CVE-2025-33241 HIGH

NVIDIA NeMo < 2.6.1 - Remote Code Execution via Malicious File Loading

CVE-2025-61880 HIGH

Infoblox NIOS <= 9.0.7 - Remote Code Execution via Insecure Deserialization

CVE-2025-70560 HIGH

Boltz 2.0.0 - Remote Code Execution via Insecure Pickle Deserialization

CVE-2025-70559 MEDIUM

pdfminer.six < 20251230 - Remote Code Execution via Insecure CMap Cache Deserialization

CVE-2025-40553 CRITICAL

SolarWinds Web Help Desk < 2026.1 - Unauthenticated Remote Code Execution via Untrusted Data Deserialization

CVE-2025-40551 CRITICAL KEV

SolarWinds Web Help Desk < 2026.1 - Unauthenticated Remote Code Execution via Untrusted Data Deserialization

CVE-2025-15351 HIGH

Anritsu VectorStar - Deserialization

CVE-2025-15350 HIGH

Anritsu VectorStar - Deserialization

CVE-2025-15348 HIGH

Anritsu ShockLine - Deserialization

CVE-2025-69099 HIGH

North <= 5.7.5 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-69079 CRITICAL

ThemeREX Sound <1.6.9 - Code Injection

CVE-2025-69036 HIGH

StrongholdThemes Tech Life CPT <17 - Code Injection

CVE-2025-69035 HIGH

StrongholdThemes Dental Care CPT - Code Injection

CVE-2025-69002 HIGH

designthemes OneLife <4 - Code Injection

CVE-2025-68903 HIGH

AivahThemes Anona <8.0 - Code Injection

CVE-2025-68899 HIGH

designthemes Vivagh <2.4 - Code Injection

CVE-2025-68047 HIGH

Arraytics Eventin <4.1.1 - Object Injection

CVE-2025-67619 HIGH

designthemes Kids Heaven <3.2 - Code Injection

CVE-2025-67617 CRITICAL

Consult Aid <1.4.3 - Code Injection

CVE-2025-50004 HIGH

artbees JupiterX Core <4.10.1 - Code Injection

CVE-2025-56005 CRITICAL

PLY 3.11 yacc picklefile - Unsafe Pickle Deserialization Code Execution

CVE-2025-69276 HIGH

Broadcom DX NetOps Spectrum < 25.4.1 - Object Injection via Untrusted Data Deserialization

CVE-2025-67911 CRITICAL

Tribulant Software Newsletters <4.11 - Code Injection

CVE-2025-47552 CRITICAL

DZS Video Gallery <12.37 - Code Injection

Previous Page 18 of 110 Next

Details

Vulnerabilities 2,743

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy