Falhas do tipo CWE-1188
167 resultadosCVE-2026-26122MEDIUMMicrosoft ACI Confidential Containers Information Disclosure VulnerabilityEPSS 1.0%CVE-2017-12736HIGHAfter initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions.
This EPSS 1.0%CVE-2024-28815CRITICALA vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 through 2.7 and CMG 8.5 SP4 through 8.6 could allow access to sensitive iEPSS 0.9%CVE-2021-3586—A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accesEPSS 0.9%CVE-2022-4224HIGHCODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3EPSS 0.9%CVE-2025-7353CRITICALRockwell Automation ControlLogix® Ethernet Remote Code Execution VulnerabilityEPSS 0.9%CVE-2022-38745HIGHApache OpenOffice: Empty entry in Java class pathEPSS 0.9%CVE-2024-0001CRITICALA condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowingEPSS 0.9%CVE-2024-47295HIGHInsecure initial password configuration issue in SEIKO EPSON Web Config allows a remote unauthenticated attacker to set an arbitrary passworEPSS 0.8%CVE-2026-25894CRITICALFUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default ConfigurationEPSS 0.8%CVE-2024-31070CRITICALInitialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century SEPSS 0.8%CVE-2023-33949MEDIUMIn Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email EPSS 0.7%CVE-2022-32480MEDIUMDell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initializatEPSS 0.7%CVE-2024-45217HIGHApache Solr: ConfigSets created during a backup restore command are trusted implicitlyEPSS 0.7%CVE-2026-44109CRITICALOpenClaw < 2026.4.15 - Authentication Bypass in Feishu Webhook and Card-Action ValidationEPSS 0.7%CVE-2022-3262HIGHA flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. ThEPSS 0.7%CVE-2022-41648CRITICALThe HEIDENHAIN Controller TNC 640 NC software Version 340590 07 SP5, is vulnerable to improper authentication in its DNC communication for CEPSS 0.7%CVE-2022-1278—A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.EPSS 0.7%CVE-2025-41438CRITICALConsilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure DefaultEPSS 0.7%CVE-2026-33037HIGHWWBN AVideo has predictable default admin credentials in official Docker deployment pathEPSS 0.7%