CWE-1284 vulnerabilities

234 results
CVE-2025-14689 | MEDIUM | IBM Db2 Denial of Service | EPSS 0.2%
CVE-2026-7254 | MEDIUM | Open BMC Denial of Service | EPSS 0.2%
CVE-2023-27961 | MEDIUM | Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 1 | EPSS 0.2%
CVE-2026-49110 | HIGH | WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability | EPSS 0.2%
CVE-2025-13867 | MEDIUM | IBM Db2 Denial of Service | EPSS 0.2%
CVE-2025-25178 | HIGH | GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory | EPSS 0.2%
CVE-2025-10933 | MEDIUM | Silicon Labs Z-Wave Protocol Controller Integer underflow vulnerability leads to out of bounds read | EPSS 0.2%
CVE-2024-5102 | HIGH | Elevation of Privilege via symlinked file in Avast Antivirus | EPSS 0.2%
CVE-2024-30516 | HIGH | WordPress Booking Package plugin <= 1.6.27 - Price Manipulation vulnerability | EPSS 0.2%
CVE-2026-35489 | HIGH | Tandoor Recipes — `amount`/`unit` bypass serializer in `food/{id}/shopping/` | EPSS 0.2%
CVE-2026-11596 | MEDIUM | In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user wit | EPSS 0.2%
CVE-2025-14688 | MEDIUM | IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations | EPSS 0.2%
CVE-2024-53878 | LOW | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a ma | EPSS 0.2%
CVE-2026-42657 | MEDIUM | WordPress Contest Gallery plugin <= 28.1.7 - Other Vulnerability Type vulnerability | EPSS 0.2%
CVE-2022-20493 | HIGH | In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to lo | EPSS 0.2%
CVE-2026-33471 | CRITICAL | nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation | EPSS 0.2%
CVE-2026-53540 | LOW | Python-Multipart: Negative Content-Length in parse_form buffers the entire body in memory | EPSS 0.2%
CVE-2026-12755 | LOW | Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated us | EPSS 0.2%
CVE-2026-44459 | LOW | Hono: Improper validation of NumericDate claims (exp, nbf, iat) in JWT verify() | EPSS 0.2%
CVE-2025-36094 | MEDIUM | Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026. | EPSS 0.2%