CWE-184 flaws

127 results
CVE-2018-16863 | HIGH | It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass | EPSS 1.2%
CVE-2026-25951 | HIGH | FUXA has a Path Traversal Sanitization Bypass | EPSS 1.2%
CVE-2022-32763 | CRITICAL | A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A | EPSS 1.1%
CVE-2021-1133 | MEDIUM | Cisco Data Center Network Manager REST API Vulnerabilities | EPSS 1.1%
CVE-2025-48732 | HIGH | An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request | EPSS 1.1%
CVE-2022-35962 | HIGH | Crafted link in Zulip message can cause disclosure of credentials | EPSS 0.9%
CVE-2026-33396 | CRITICAL | OneUptime has sandbox escape in Synthetic Monitor Playwright runtime allows project members to execute arbitrary commands on Probe | EPSS 0.8%
CVE-2024-51745 | LOW | Wasmtime doesn't fully sandbox all the Windows device filenames | EPSS 0.8%
CVE-2020-3384 | HIGH | Cisco Data Center Network Manager Command Injection Vulnerability | EPSS 0.8%
CVE-2025-71323 | CRITICAL | picklescan - Remote Code Execution via Unblocked ctypes Module | EPSS 0.8%
CVE-2022-23536 | MEDIUM | Alertmanager can expose local files content via specially crafted config | EPSS 0.8%
CVE-2025-29822 | HIGH | Microsoft OneNote Security Feature Bypass Vulnerability | EPSS 0.7%
CVE-2026-55743 | CRITICAL | OpenHuman desktop agent shell tool sandbox bypass leads to arbitrary command execution | EPSS 0.7%
CVE-2021-1255 | MEDIUM | Cisco Data Center Network Manager REST API Vulnerabilities | EPSS 0.7%
CVE-2021-1135 | MEDIUM | Cisco Data Center Network Manager REST API Vulnerabilities | EPSS 0.6%
CVE-2025-71320 | CRITICAL | picklescan - Remote Code Execution via Incomplete Disallowed Inputs | EPSS 0.6%
CVE-2023-3374 | CRITICAL | Privilege Escalation in Bookreen | EPSS 0.6%
CVE-2023-29003 | HIGH | SvelteKit has Insufficient Cross-Site Request Forgery Protection | EPSS 0.6%
CVE-2026-22609 | HIGH | Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist | EPSS 0.6%
CVE-2024-20278 | MEDIUM | A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root | EPSS 0.5%