Falhas do tipo CWE-392
12 resultadosCVE-2024-12797MEDIUMRFC7250 handshakes with unauthenticated servers don't abort as expectedEPSS 2.4%CVE-2024-39697HIGHphonenumber panics on parsing crafted phonenumber inputsEPSS 0.7%CVE-2023-42444HIGHphonenumber panics on parsing crafted RF3966 inputsEPSS 0.7%CVE-2023-48430LOWA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the lenEPSS 0.6%CVE-2017-2342HIGHSRX Series: MACsec failure to report errorsEPSS 0.6%CVE-2023-42447HIGHblurhash panics on parsing crafted inputsEPSS 0.5%CVE-2026-20005MEDIUMMultiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attackerEPSS 0.5%CVE-2026-42246HIGHnet-imap vulnerable to STARTTLS stripping via invalid response timingEPSS 0.4%CVE-2025-32743CRITICALIn ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in aEPSS 0.4%CVE-2025-26268LOWDragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The EPSS 0.3%CVE-2025-59398LOWThe OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, becauEPSS 0.2%CVE-2025-23270HIGHNVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive iEPSS 0.2%