CWE-20 type flaws
4,583 results

CVE-2019-3871 (MEDIUM, EPSS 12.9%): A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the
CVE-2023-36049 (HIGH, EPSS 12.5%): .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-28324 (HIGH, EPSS 11.8%): An improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote c
CVE-2023-3676 (HIGH, EPSS 11.7%): Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-26068 (CRITICAL, EPSS 11.6%): Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
CVE-2020-12001 (—, EPSS 11.5%): FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, Cont
CVE-2014-3480 (MEDIUM, EPSS 11.5%): The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, d
CVE-2025-43560 (CRITICAL, EPSS 11.5%): ColdFusion | Improper Input Validation (CWE-20)
CVE-2023-2071 (CRITICAL, EPSS 11.0%): FactoryTalk View Machine Edition Vulnerable to Remote Code Execution
CVE-2018-1140 (MEDIUM, EPSS 10.8%): A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw
CVE-2024-27612 (MEDIUM, EPSS 10.7%): Numbas editor before 7.3 mishandles editing of themes and extensions.
CVE-2020-24432 (MEDIUM, EPSS 10.6%): Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents
CVE-2021-29425 (—, EPSS 10.6%): Possible limited path traversal vulnerability in Apache Commons IO
CVE-2025-54123 (CRITICAL, EPSS 10.5%): Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
CVE-2025-30294 (MEDIUM, EPSS 10.4%): ColdFusion | Improper Input Validation (CWE-20)
CVE-2025-49719 (HIGH, EPSS 10.2%): Microsoft SQL Server Information Disclosure Vulnerability
CVE-2020-5260 (CRITICAL, EPSS 10.0%): malicious URLs may cause Git to present stored credentials to the wrong server
CVE-2022-23626 (HIGH, EPSS 9.9%): Insufficient file checks in m1k1o/blog
CVE-2026-40871 (HIGH, EPSS 9.9%): mailcow: dockerized vulnerable to Second Order SQL Injection in quarantine category via API
CVE-2023-29464 (HIGH, EPSS 9.6%): Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure