Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,769 vulnerabilities with CWE-502

CVE-2025-12058 MEDIUM

Keras < 3.12.0 - Arbitrary Local File Read and Server-Side Request Forgery via StringLookup Layer

CVE-2025-62368 CRITICAL

taiga-back < 6.9.0 - Remote Code Execution via Unsafe Deserialization

CVE-2025-12305 MEDIUM

shiyi-blog < 1.2.1 - Remote Code Execution via Deserialization in Job Handler

CVE-2025-34292 CRITICAL

BeWelcome Rox < c60bf04 - Remote Code Execution via PHP Object Injection

CVE-2025-46183 HIGH

pgCodeKeeper 10.12.0 - Code Injection

CVE-2025-62025 CRITICAL

eyecix JobSearch < 3.0.8 - Deserialization

CVE-2025-62008 HIGH

Product Table For WooCommerce <1.2.5 - Deserialization

CVE-2025-60238 CRITICAL

universam <8.72.34 - Code Injection

CVE-2025-60234 HIGH

designthemes Single Property <= 2.8 - Code Injection

CVE-2025-60232 CRITICAL

quantumcloud KBx Pro Ultimate <8.0.5 - Code Injection

CVE-2025-60228 HIGH

designthemes Knowledge Base <2.9 - Code Injection

CVE-2025-60226 CRITICAL

axiomthemes White Rabbit <= 1.5.2 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-60225 CRITICAL

AncoraThemes BugsPatrol <1.5.0 - Code Injection

CVE-2025-60224 CRITICAL

wpshuffle Subscribe to Download <2.0.9 - Code Injection

CVE-2025-60221 CRITICAL

Captivate Sync <3.0.3 - Code Injection

CVE-2025-60216 CRITICAL

BoldThemes Addison <1.4.2 - Code Injection

CVE-2025-60215 HIGH

designthemes Kriya <= 3.4 - Object Injection

CVE-2025-60214 CRITICAL

BoldThemes Goldenblatt <= 1.2.1 - Code Injection

CVE-2025-60213 CRITICAL

Whitebox-Studio Scape <1.5.13 - Object Injection

CVE-2025-60212 HIGH

Designthemes VEDA <4.2 - Code Injection

CVE-2025-60210 CRITICAL

Everest Forms - Frontend Listing <= 1.0.5 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-60209 CRITICAL

CRM Perks Connector - Object Injection

CVE-2025-60039 CRITICAL

Noisa <= 2.6.0 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-59007 CRITICAL

themesflat TF Woo Product Grid Addon For Elementor <2 - Deserializa...

CVE-2025-52740 HIGH

Boldermail <= 2.4.0 - PHP Object Injection via Untrusted Data Deserialization

Previous Page 25 of 111 Next

Details

Vulnerabilities 2,769

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy