Falhas do tipo CWE-349
36 resultadosCVE-2024-41924HIGHAcceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4 series. If this vulnerability is exploited, an aEPSS 0.3%CVE-2026-42960MEDIUMPossible cache poisoning via promiscuous records for the authority sectionEPSS 0.2%CVE-2024-34083MEDIUMSTARTTLS unencrypted commands injectionEPSS 0.2%CVE-2025-11703MEDIUMWP Go Maps (formerly WP Google Maps) <= 9.0.48 - Unauthenticated Cache PoisoningEPSS 0.2%CVE-2025-40776HIGHBirthday Attack against Resolvers supporting ECSEPSS 0.2%CVE-2026-44572LOWNext.js: Middleware / Proxy redirects can be cache-poisonedEPSS 0.2%CVE-2025-5994HIGHCache poisoning via the ECS-enabled Rebirthday AttackEPSS 0.2%CVE-2025-1680NONEAn acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attEPSS 0.2%CVE-2025-20255MEDIUMA vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remote attacker to manipulate cached HTTP reEPSS 0.2%CVE-2025-46339MEDIUMFreshRSS vulnerable to favicon cache poisoning via proxyEPSS 0.2%CVE-2024-53848HIGHcheck-jsonschema default caching for remote schemas allows for cache confusionEPSS 0.1%CVE-2026-35641HIGHOpenClaw < 2026.3.24 - Arbitrary Code Execution via .npmrc in Local Plugin/Hook InstallationEPSS 0.1%CVE-2024-52555MEDIUMIn JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer scriptEPSS 0.1%CVE-2023-3749HIGHVideoEdge configEPSS 0.1%CVE-2026-46342LOWNuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoningEPSS 0.1%CVE-2025-68269MEDIUMIn JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSHEPSS 0.1%