VYPR

CWE-502

Deserialization of Untrusted Data

Abstraction: Base | Status: Draft | Likelihood: Medium

Description

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-586

CVEs mapped to this weakness (1,721)

page 59 of 87
  • CVE-2024-9005 | High | Oct 8, 2024
    risk 0.47 | cvss n/a | epss 0.00

    CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.

  • CVE-2024-7560 | High | Aug 8, 2024
    risk 0.47 | cvss 7.2 | epss 0.01

    The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflash_post_meta meta value. This makes it possible for authenticated attackers, with Editor-level access and…

  • CVE-2024-2290 | High | May 14, 2024
    risk 0.47 | cvss 7.2 | epss 0.01

    The Advanced Ads plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.52.1 via deserialization of untrusted input in the 'placement_slug' parameter. This makes it possible for authenticated attackers to inject a PHP Object. No POP…

  • CVE-2023-26153 | High | Oct 6, 2023
    risk 0.47 | cvss 8.3 | epss 0.03

    Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker can use this vulnerability to…

  • CVE-2022-2442 | High | Sep 6, 2022
    risk 0.47 | cvss 7.2 | epss 0.01

    The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. This makes it possible for authenticated attackers with administrative privileges to call files…

  • CVE-2022-25845 | High | Jun 10, 2022
    risk 0.47 | cvss 8.1 | epss 0.18

    The package com.alibaba:fastjson before 1.2.83 is vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If…

  • CVE-2020-36179 | High | Jan 7, 2021
    risk 0.47 | cvss 8.1 | epss 0.21

    FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.

  • CVE-2020-36188 | High | Jan 6, 2021
    risk 0.47 | cvss 8.1 | epss 0.11

    FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.

  • CVE-2020-35728 | High | Dec 27, 2020
    risk 0.47 | cvss 8.1 | epss 0.13

    FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).

  • CVE-2020-28948 | High | Nov 19, 2020
    risk 0.47 | cvss 7.8 | epss 0.47

    Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

  • CVE-2018-19274 | High | Nov 17, 2018
    risk 0.47 | cvss 7.2 | epss 0.05

    Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.

  • CVE-2016-8648 | High | Aug 1, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the…

  • CVE-2018-1000509 | High | Jun 26, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    Redirection version 2.7.1 contains a Serialisation vulnerability, possibly allowing an ACE vulnerability in the Settings page AJAX, that could allow an admin to execute arbitrary code in some circumstances. This attack appears to be exploitable via: Attacker must have access to…

  • CVE-2015-5164 | High | Oct 18, 2017
    risk 0.47 | cvss 7.2 | epss 0.04

    The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.

  • CVE-2017-14141 | High | Sep 19, 2017
    risk 0.47 | cvss 7.2 | epss 0.03

    The wiki_decode Developer System Helper function in the admin panel in Kaltura before 13.2.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.

  • CVE-2016-4978 | High | Sep 27, 2016
    risk 0.47 | cvss 7.2 | epss 0.07

    The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to…

  • CVE-2026-41731 | High | Jun 10, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Combined with Jackson's default bean deserialization, a producer…

  • CVE-2026-42211 | High | Jun 2, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through external requests. This attack requires the application code to have an existing…

  • CVE-2026-49121 | High | Jun 1, 2026
    risk 0.46 | cvss 8.1 | epss 0.01

    AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv() function within shm_broadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle…

  • CVE-2026-9291 | High | May 22, 2026
    risk 0.46 | cvss 7.1 | epss 0.00

    Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We…