Opis
Produkt deserializuje niezaufane dane bez wystarczającego zapewnienia, że wynikowe dane będą prawidłowe. Może to prowadzić do wykonania arbitralnego kodu lub innych ataków na bezpieczeństwo aplikacji.
Description (EN)
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Podatności CVE z CWE-502 (3393)
10.0
CVSS
CRITICAL
CVE-2026-41104
pub. 2026-05-22
10.0
CVSS
CRITICAL
CVE-2026-45829
pub. 2026-05-18
10.0
CVSS
CRITICAL
CVE-2026-33819
pub. 2026-04-23
10.0
CVSS
CRITICAL
CVE-2026-20131
pub. 2026-03-04🚩 CISA KEV⚡ EXPLOIT
10.0
CVSS
CRITICAL
CVE-2026-26222
pub. 2026-02-24
10.0
CVSS
CRITICAL
CVE-2026-26333
pub. 2026-02-13
10.0
CVSS
CRITICAL
CVE-2026-25632
pub. 2026-02-06
10.0
CVSS
CRITICAL
CVE-2026-24815
pub. 2026-01-27
10.0
CVSS
CRITICAL
CVE-2025-14931
pub. 2025-12-23
10.0
CVSS
CRITICAL
CVE-2025-34394
pub. 2025-12-10
10.0
CVSS
CRITICAL
CVE-2025-55182
pub. 2025-12-03🚩 CISA KEV⚡ EXPLOIT
10.0
CVSS
CRITICAL
CVE-2025-11367
pub. 2025-11-12
10.0
CVSS
CRITICAL
CVE-2025-10363
pub. 2025-10-06
10.0
CVSS
CRITICAL
CVE-2025-58384
pub. 2025-09-26
10.0
CVSS
CRITICAL
CVE-2025-10035
pub. 2025-09-18🚩 CISA KEV⚡ EXPLOIT
10.0
CVSS
CRITICAL
CVE-2025-42944
pub. 2025-09-09
10.0
CVSS
CRITICAL
CVE-2024-13980
pub. 2025-08-27
10.0
CVSS
CRITICAL
CVE-2025-34153
pub. 2025-08-13
10.0
CVSS
CRITICAL
CVE-2025-34067
pub. 2025-07-02
10.0
CVSS
CRITICAL
CVE-2025-34060
pub. 2025-07-01
Pokazano 20 z 3393 podatności