Falhas do tipo CWE-1284
230 resultadosCVE-2022-37311MEDIUMOX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet.EPSS 0.9%CVE-2022-28613HIGHSpecially Crafted Modbus TCP Packet Vulnerability in RTU500 seriesEPSS 0.9%CVE-2022-0174MEDIUMImproper Validation of Specified Quantity in Input in dolibarr/dolibarrEPSS 0.9%CVE-2023-34188—The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload overEPSS 0.8%CVE-2022-4111MEDIUMImproper Validation of Specified Quantity in Input in tooljet/tooljetEPSS 0.8%CVE-2023-30269HIGHCLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.EPSS 0.7%CVE-2021-44693MEDIUMAffected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a deniEPSS 0.7%CVE-2024-39697HIGHphonenumber panics on parsing crafted phonenumber inputsEPSS 0.7%CVE-2024-20149HIGHIn Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional EPSS 0.7%CVE-2023-4518MEDIUMA vulnerability exists in the input validation of the GOOSE
messages where out of range values received and processed
by the IED caused a EPSS 0.7%CVE-2022-46143MEDIUMAffected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer EPSS 0.7%CVE-2023-42444HIGHphonenumber panics on parsing crafted RF3966 inputsEPSS 0.7%CVE-2022-4171MEDIUMdemon image annotation <= 5.0 - Improper Input Restriction ValidationEPSS 0.7%CVE-2022-39313HIGHParse Server crashes when receiving file download request with invalid byte rangeEPSS 0.7%CVE-2024-1610HIGHOPPO Store app include remote account token hijacking and sensitive information leakageEPSS 0.7%CVE-2023-38744—Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port ofEPSS 0.7%CVE-2022-2277HIGHA vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ...EPSS 0.6%CVE-2023-23549LOWDoS via long hostnamesEPSS 0.6%CVE-2022-0596MEDIUMImproper Validation of Specified Quantity in Input in microweber/microweberEPSS 0.6%CVE-2022-39272MEDIUMFlux2 vulnerable to Denial of Service due to Improper use of metav1.DurationEPSS 0.6%