Flaws of type CWE-358
105 results

CVE-2021-34791 | MEDIUM | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities | EPSS 1.1%
CVE-2021-34790 | MEDIUM | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities | EPSS 1.1%
CVE-2023-28601 | HIGH | Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. | EPSS 1.0%
CVE-2019-14823 | MEDIUM | A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it impli | EPSS 0.9%
CVE-2023-3266 | CRITICAL | A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication check | EPSS 0.8%
CVE-2024-6101 | HIGH | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access | EPSS 0.8%
CVE-2021-31375 | HIGH | Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed | EPSS 0.8%
CVE-2020-1728 | MEDIUM | A vulnerability was found in all versions of Keycloak where, the pages on the Admin Console area of the application are completely missing g | EPSS 0.8%
CVE-2024-3845 | CRITICAL | Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy vi | EPSS 0.8%
CVE-2020-10743 | — | It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to interc | EPSS 0.7%
CVE-2023-40445 | HIGH | The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock. | EPSS 0.7%
CVE-2024-2617 | HIGH | A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature | EPSS 0.7%
CVE-2024-3844 | MEDIUM | Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a cr | EPSS 0.6%
CVE-2020-1761 | — | A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this fla | EPSS 0.6%
CVE-2022-27220 | — | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP | EPSS 0.6%
CVE-2022-27219 | — | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP | EPSS 0.6%
CVE-2023-4501 | CRITICAL | Authentication bypass in OpenText (Micro Focus) Enterprise Server | EPSS 0.6%
CVE-2022-38732 | HIGH | SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that o | EPSS 0.6%
CVE-2023-28113 | MEDIUM | russh may use insecure Diffie-Hellman keys | EPSS 0.6%
CVE-2023-22393 | HIGH | Junos OS and Junos OS Evolved: RPD crash upon receipt of BGP route with invalid next-hop | EPSS 0.6%