Falhas do tipo CWE-1287
136 resultadosCVE-2025-10207HIGHAuthenticated File Disclosure/DeleteEPSS 0.3%CVE-2026-25179HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-49941HIGHNet::CIDR::Set versions through 0.20 for Perl did not validate IP addressesEPSS 0.3%CVE-2025-0325MEDIUMA Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to EPSS 0.3%CVE-2025-54525HIGHUnexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence PluginEPSS 0.3%CVE-2025-60633MEDIUMAn issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagementEPSS 0.3%CVE-2026-11460MEDIUMBoost Serialization improper validation of specified type of inputEPSS 0.3%CVE-2025-40911MEDIUMNet::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addressesEPSS 0.3%CVE-2025-9041HIGHRockwell Automation FLEX 5000 I/O - Module FaultEPSS 0.3%CVE-2025-9042HIGHRockwell Automation FLEX 5000 I/O - Module FaultEPSS 0.3%CVE-2025-8402MEDIUMNil pointer dereference in bulk import crashes serverEPSS 0.3%CVE-2026-9753HIGHServer crash via malformed binary diff passed to $_internalApplyOplogUpdate.EPSS 0.3%CVE-2024-47261MEDIUM51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validEPSS 0.3%CVE-2024-8058HIGHAn improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary EPSS 0.3%CVE-2026-25783MEDIUMDenial of service via malformed User-Agent header in getBrowserVersionEPSS 0.3%CVE-2026-2003MEDIUMPostgreSQL oidvector discloses a few bytes of memoryEPSS 0.3%CVE-2026-2454MEDIUMDoS in Calls plugin via malformed msgpack in websocket request.EPSS 0.3%CVE-2025-40910MEDIUMNet::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addressesEPSS 0.3%CVE-2025-3070MEDIUMInsufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilEPSS 0.3%CVE-2024-8125MEDIUMA remote code vulnerability has been discovered in OpenText™ Content Management.EPSS 0.3%