CWE-20 vulnerabilities
4,566 results

- CVE-2016-3714 (HIGH; EPSS 97.5%; KEV): The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x befor
- CVE-2023-23397 (CRITICAL; EPSS 97.4%; KEV): Microsoft Outlook Elevation of Privilege Vulnerability
- CVE-2025-54236 (CRITICAL; EPSS 96.7%; KEV): Adobe Commerce | Improper Input Validation (CWE-20)
- CVE-2026-34197 (HIGH; EPSS 96.3%; KEV): Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
- CVE-2019-1652 (HIGH; EPSS 95.9%; KEV): Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability
- CVE-2023-21554 (CRITICAL; EPSS 95.5%): Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- CVE-2024-21413 (CRITICAL; EPSS 94.7%; KEV): Microsoft Outlook Remote Code Execution Vulnerability
- CVE-2024-31309 (HIGH; EPSS 94.6%): Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack
- CVE-2023-28302 (HIGH; EPSS 93.6%): Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2020-1350 (CRITICAL; EPSS 92.2%; KEV): A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows
- CVE-2024-5276 (CRITICAL; EPSS 90.1%): SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)
- CVE-2012-0151 (HIGH; EPSS 88.8%; KEV): The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Se
- CVE-2020-3243 (CRITICAL; EPSS 88.4%): Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
- CVE-2020-27131 (HIGH; EPSS 87.7%): Cisco Security Manager Java Deserialization Vulnerabilities
- CVE-2023-2868 (CRITICAL; EPSS 87.0%; KEV): Remote Code injection in Barracuda Email Security Gateway
- CVE-2024-25641 (CRITICAL; EPSS 86.3%): Cacti RCE vulnerability when importing packages
- CVE-2025-1098 (HIGH; EPSS 84.3%): ingress-nginx controller - configuration injection via unsanitized mirror annotations
- CVE-2021-3781 (—; EPSS 83.9%): A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted
- CVE-2020-3161 (CRITICAL; EPSS 83.7%; KEV): Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability
- CVE-2023-39265 (LOW; EPSS 83.7%): Apache Superset: Possible Unauthorized Registration of SQLite Database Connections