Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,813 vulnerabilities with CWE-502

CVE-2025-6507 CRITICAL

h2o-3 <3.47.0.99999 - Deserialization

CVE-2025-54742 HIGH

WpEvently <= 4.4.8 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-53584 HIGH

WP Ticket Customer Service Software & Support Ticket System <6.0.2 ...

CVE-2025-53583 HIGH

emarket-design Employee Spotlight <5.1.1 - Object Injection

CVE-2025-53572 HIGH

WP Easy Contact <4.0.1 - Code Injection

CVE-2025-53243 HIGH

Employee Directory - Staff Listing & Team Directory Plugin <4.5.3 -...

CVE-2025-52761 CRITICAL

WP Funnel Manager <1.4.0 - Code Injection

CVE-2025-58218 HIGH

enuiretechnology Small Package Quotes - USPS Edition <1.3.9 - Objec...

CVE-2025-57773 CRITICAL

DataEase < 2.10.12 - Deserialization of Untrusted Data via JNDI Injection

CVE-2025-43960 HIGH

Adminer 4.8.1 - Unauthenticated Denial of Service via Crafted Serialized Payload

CVE-2025-52287 HIGH

OperaMasks SDK ELite Script Engine 0.5.0 - Deserialization of Untrusted Data

CVE-2025-54923 HIGH

Network-Exposed Service - Code Injection

CVE-2025-54053 MEDIUM

Groundhogg <= 4.2.2 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-54014 CRITICAL

QuanticaLabs MediCenter <15.1 - Code Injection

CVE-2025-54012 HIGH

Welcart e-Commerce <2.11.16 - Object Injection

CVE-2025-54007 HIGH

PickPlugins Post Grid & Gutenberg Blocks <2.3.11 - Object Injection

CVE-2025-53560 HIGH

Noisa <= 2.6.0 - PHP Object Injection via Untrusted Data Deserialization

CVE-2025-53299 CRITICAL

ThemeMakers Visual Content Composer <1.5.8 - Code Injection

CVE-2025-49890 CRITICAL

AWStats Script <0.4 - XSS

CVE-2025-49438 HIGH

Max Chirkov Simple Login Log <1.1.3 - Object Injection

CVE-2025-49434 CRITICAL

Laposta WooCommerce <1.9.1 - XSS

CVE-2025-8289 HIGH

Redirection for Contact Form 7 <3.2.4 - Code Injection

CVE-2025-8145 HIGH

Redirection for Contact Form 7 <3.2.4 - Code Injection

CVE-2025-8875 HIGH KEV

N-able N-central < 2025.3.1 - Local Code Execution via Untrusted Data Deserialization

CVE-2025-8963 MEDIUM

jeecgboot JimuReport < 2.1.1 - Deserialization of Untrusted Data via Data Large Screen Template

Previous Page 31 of 113 Next

Details

Vulnerabilities 2,813

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy