CWE-306 flaws

1,708 results
CVE-2022-27585 | CRITICAL | Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote | EPSS 1.2%
CVE-2024-8320 | MEDIUM | Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated atta | EPSS 1.2%
CVE-2022-32157 | HIGH | Splunk Enterprise deployment servers allow unauthenticated forwarder bundle downloads | EPSS 1.2%
CVE-2019-6533 | Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway v | EPSS 1.2%
CVE-2022-26067 | MEDIUM | An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform | EPSS 1.2%
CVE-2019-15282 | MEDIUM | Cisco Identity Services Engine Information Disclosure Vulnerability | EPSS 1.2%
CVE-2019-16003 | MEDIUM | Cisco UCS Director Information Disclosure Vulnerability | EPSS 1.2%
CVE-2020-3461 | MEDIUM | Cisco Data Center Network Manager Information Disclosure Vulnerability | EPSS 1.2%
CVE-2024-5749 | HIGH | Certain HP DesignJet products – Credential reflection | EPSS 1.2%
CVE-2025-34120 | HIGH | LimeSurvey 2.0+ - 2.06+ Unauthenticated Arbitrary File Download via Serialized Backup Payload | EPSS 1.2%
CVE-2024-23618 | CRITICAL | Arris SURFboard SBG6950AC2 Arbitrary Code Execution Vulnerability | EPSS 1.2%
CVE-2026-27182 | HIGH | Saturn Remote Mouse Server UDP Command Injection RCE | EPSS 1.2%
CVE-2012-10062 | HIGH | XAMPP WebDAV PHP Upload Authentication Bypass RCE | EPSS 1.2%
CVE-2022-26303 | HIGH | An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.0 | EPSS 1.2%
CVE-2022-26043 | HIGH | An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V | EPSS 1.2%
CVE-2025-8286 | CRITICAL | Güralp Systems FMUS Series and MIN Series Devices | EPSS 1.2%
CVE-2023-38186 | HIGH | Windows Mobile Device Management Elevation of Privilege Vulnerability | EPSS 1.2%
CVE-2021-41104 | HIGH | web_server allows OTA update without checking user defined basic auth username & password | EPSS 1.2%
CVE-2026-42569 | CRITICAL | phpvms: /importer authorization bypass causing full database wipe | EPSS 1.2%
CVE-2026-26125 | HIGH | Payment Orchestrator Service Elevation of Privilege Vulnerability | EPSS 1.2%