Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,826 vulnerabilities with CWE-502

CVE-2024-48206 CRITICAL

chainer <7.8.1.post1 - Code Injection

CVE-2024-48063 CRITICAL

PyTorch <= 2.4.1 - Remote Code Execution via RemoteModule Deserialization

CVE-2024-50416 HIGH

WPClever WPC Shop as a Customer for WooCommerce <= 1.2.6 - PHP Object Injection via Untrusted Data Deserialization

CVE-2024-50408 HIGH

Namaste! LMS <= 2.6.3 - PHP Object Injection via Untrusted Data Deserialization

CVE-2024-49684 HIGH

Revmakx Backup and Staging <1.22.21 - Code Injection

CVE-2024-49625 CRITICAL

SiteBuilder Dynamic Components <1.0 - Code Injection

CVE-2024-49624 CRITICAL

Smartdevth Advanced Advertising System <1.3.1 - Code Injection

CVE-2024-49332 CRITICAL

Giveaway Boost <= 2.1.4 - PHP Object Injection via Untrusted Data Deserialization

CVE-2024-49626 CRITICAL

Piyushmca Shipyaari Shipping Management <1.2 - Code Injection

CVE-2024-10079 HIGH

WP Easy Post Types <1.4.4 - Code Injection

CVE-2024-49318 CRITICAL

My Reading Library <1.0 - Code Injection

CVE-2024-47836 LOW

admidio < 4.3.12 - Unauthenticated Remote Code Execution via Unsafe Deserialization

CVE-2024-49227 CRITICAL

Innovaweb Free Stock Photos Foter <1.5.4 - Code Injection

CVE-2024-49226 HIGH

TAKETIN To WP Membership <2.8.0 - Code Injection

CVE-2024-49218 CRITICAL

Al Imran Akash Recently <1.1 - Object Injection

CVE-2024-48030 CRITICAL

Gabriele Valenti Telecash Ricaricaweb <2.2 - Code Injection

CVE-2024-48028 CRITICAL

Boyan Raichev IP Loc8 - Object Injection

CVE-2024-48026 CRITICAL

Grayson Robbins Disc Golf Manager <1.0.0 - Code Injection

CVE-2024-9634 CRITICAL

GiveWP <= 3.16.3 - Unauthenticated PHP Object Injection via give_company_name

CVE-2024-21217 LOW

Oracle GraalVM and JDK - Deserialization of Untrusted Data via Serialization Component

CVE-2024-9953 MEDIUM

CERT VINCE < 3.0.8 - Authenticated Denial of Service via Pickle Object Injection

CVE-2024-45733 HIGH

Splunk 9.1.0-9.1.6 - Remote Code Execution via Insecure Session Storage

CVE-2024-9917 MEDIUM

Usualtoolcms - Insecure Deserialization

CVE-2024-48033 CRITICAL

Elie Burstein, Baptiste Gourdin Talkback <1.0 - Code Injection

CVE-2024-47074 CRITICAL

DataEase < 1.18.25 - Remote Code Execution via PostgreSQL JDBC Deserialization

Previous Page 52 of 114 Next

Details

Vulnerabilities 2,826

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy