CWE-116 vulnerabilities

285 results
CVE-2025-64325 | HIGH | Emby Server is Vulnerable to Remote Code Execution Through XSS in Admin Dashboard | EPSS 0.4%
CVE-2024-46547 | HIGH | A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access | EPSS 0.4%
CVE-2026-45570 | LOW | go-git: Improper single-quote escaping in go-git SSH transport | EPSS 0.4%
CVE-2026-45375 | CRITICAL | SiYuan: Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution | EPSS 0.4%
CVE-2024-39682 | MEDIUM | WordPress Cooked Plugin - Authenticated (Contributor+) HTML Injection via Recipe Excerpt | EPSS 0.4%
CVE-2026-33597 | LOW | PRSD detection denial of service | EPSS 0.3%
CVE-2026-27169 | HIGH | OpenSift: Persistent XSS Chat Tool Rendering | EPSS 0.3%
CVE-2026-42321 | HIGH | GLPI has stored XSS in asset locks | EPSS 0.3%
CVE-2026-25940 | HIGH | jsPDF's PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" property) | EPSS 0.3%
CVE-2023-52102 | HIGH | Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confident | EPSS 0.3%
CVE-2026-9354 | MEDIUM | NousResearch hermes-agent Slack Agent/Mattermost Agent escape output | EPSS 0.3%
CVE-2025-15312 | MEDIUM | Tanium addressed an improper output sanitization vulnerability in TanOS. | EPSS 0.3%
CVE-2025-4084 | MEDIUM | Potential local code execution in "copy as cURL" command | EPSS 0.3%
CVE-2025-11713 | HIGH | Potential user-assisted code execution in “Copy as cURL” command | EPSS 0.3%
CVE-2025-32078 | MEDIUM | XSSes and potential RCE in Special:VersionCompare | EPSS 0.3%
CVE-2024-47224 | MEDIUM | A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an un | EPSS 0.3%
CVE-2026-55570 | CRITICAL | SiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch) | EPSS 0.3%
CVE-2025-30657 | MEDIUM | Junos OS: Processing of a specific BGP update causes the SRRD process to crash | EPSS 0.3%
CVE-2026-47171 | HIGH | Quest Bot: Reminder messages allow stored mass mentions through `@everyone` and `@here` | EPSS 0.3%
CVE-2026-54133 | CRITICAL | jmespath.php has CompilerRuntime code injection via unescaped function names | EPSS 0.3%