Falhas do tipo CWE-20

4.705 resultados
CVE-2025-31477CRITICALImproper Scope Validation in the open Endpoint of tauri-plugin-shellEPSS 0.9%CVE-2022-22537When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual Enterprise ViewerEPSS 0.9%CVE-2024-52279HIGHApache Zeppelin: Arbitrary file read by adding malicious JDBC connection stringEPSS 0.9%CVE-2021-41168MEDIUMHash-Collision Denial-of-Service Vulnerability in snudownEPSS 0.9%CVE-2022-45872CRITICALiTerm2 before 3.4.18 mishandles a DECRQSS response.EPSS 0.9%CVE-2022-38778MEDIUMA flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a requEPSS 0.9%CVE-2021-3911MEDIUMMisconfigured IP address field in ROA leads to OctoRPKI crashEPSS 0.9%CVE-2019-1875MEDIUMCisco Prime Service Catalog Cross-Site Scripting VulnerabilityEPSS 0.9%CVE-2023-42661HIGHJFrog Artifactory Improper input validation leads to arbitrary file writeEPSS 0.9%CVE-2020-1676HIGHJuniper Networks Mist Cloud UI: SAML authentication response handling vulnerability.EPSS 0.9%CVE-2024-38245HIGHKernel Streaming Service Driver Elevation of Privilege VulnerabilityEPSS 0.9%CVE-2023-49081HIGHaiohttp's ClientSession is vulnerable to CRLF injection via versionEPSS 0.9%CVE-2023-32727MEDIUMCode execution vulnerability in icmppingEPSS 0.9%CVE-2023-28301LOWMicrosoft Edge (Chromium-based) Tampering VulnerabilityEPSS 0.9%CVE-2022-26582HIGHPAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systoolEPSS 0.9%CVE-2022-26108When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - versionEPSS 0.9%CVE-2024-38216HIGHAzure Stack Hub Elevation of Privilege VulnerabilityEPSS 0.9%CVE-2021-40365HIGHAffected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a deniEPSS 0.9%CVE-2023-28100CRITICALTIOCLINUX can send commands outside sandbox if running on a virtual consoleEPSS 0.9%CVE-2021-38485HIGHEmerson WirelessHART GatewayEPSS 0.9%