CWE-1286 vulnerabilities
80 results

CVE | Severity | Title | EPSS
CVE-2024-7954 | CRITICAL | SPIP porte_plume Plugin Arbitrary PHP Execution | EPSS 89.8%
CVE-2026-21527 | MEDIUM | Microsoft Exchange Server Spoofing Vulnerability | EPSS 9.5%
CVE-2024-51983 | HIGH | Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc. | EPSS 7.5%
CVE-2024-51982 | HIGH | Unauthenticated Denial of Service (DoS) via malformed PJL request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, and Ricoh. | EPSS 6.8%
CVE-2023-27043 | MEDIUM | The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2 | EPSS 2.5%
CVE-2021-28812 | HIGH | Command Injection Vulnerability in Video Station | EPSS 1.6%
CVE-2022-1941 | HIGH | Out of Memory issue in ProtocolBuffers for cpp and python | EPSS 1.2%
CVE-2024-6763 | LOW | Jetty URI parsing of invalid authority | EPSS 1.0%
CVE-2021-31988 | — | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and | EPSS 0.9%
CVE-2024-3384 | HIGH | PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets | EPSS 0.9%
CVE-2021-31987 | — | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recip | EPSS 0.9%
CVE-2025-22868 | HIGH | Unexpected memory consumption during token parsing in golang.org/x/oauth2 | EPSS 0.8%
CVE-2025-25007 | MEDIUM | Microsoft Exchange Server Spoofing Vulnerability | EPSS 0.8%
CVE-2024-29041 | MEDIUM | Express.js Open Redirect in malformed URLs | EPSS 0.8%
CVE-2026-7307 | HIGH | Keycloak: keycloak: denial of service via specially crafted saml input | EPSS 0.7%
CVE-2021-44695 | MEDIUM | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a deni | EPSS 0.7%
CVE-2022-22192 | HIGH | Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device | EPSS 0.7%
CVE-2024-8160 | LOW | Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation | EPSS 0.6%
CVE-2023-43850 | MEDIUM | Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated us | EPSS 0.6%
CVE-2024-21598 | HIGH | Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | EPSS 0.6%