Falhas do tipo CWE-155
15 resultadosCVE-2020-1772MEDIUMInformation DisclosureEPSS 1.6%CVE-2022-21646HIGHLookup operations do not take into account wildcards in SpiceDBEPSS 1.5%CVE-2019-3802LOWAdditional information exposure with Spring Data JPA example matcherEPSS 1.2%CVE-2025-27515MEDIUMLaravel has a File Validation BypassEPSS 0.7%CVE-2024-0055MEDIUMSandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for fileEPSS 0.6%CVE-2024-0054MEDIUMSandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi wEPSS 0.6%CVE-2025-0106MEDIUMExpedition: Wildcard Expansion VulnerabilityEPSS 0.5%CVE-2025-4232HIGHGlobalProtect: Authenticated Code Injection Through Wildcard on macOSEPSS 0.4%CVE-2024-6509MEDIUMMarinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which couEPSS 0.4%CVE-2024-47791HIGHRuijie Reyee OS Improper Neutralization of Wildcards or Matching SymbolsEPSS 0.4%CVE-2025-24376MEDIUMThe kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resourcesEPSS 0.3%CVE-2025-11757HIGHImproper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and AppEPSS 0.3%CVE-2024-8688MEDIUMPAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)EPSS 0.2%CVE-2026-49482MEDIUMClipBucket: SQL Wildcard Injection in Subtitle Edit Endpoint Allows Mass Subtitle OverwriteEPSS 0.2%CVE-2025-0681MEDIUMNew Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching SymbolsEPSS 0.2%