Falhas do tipo CWE-420
37 resultadosCVE-2023-30946LOWIssues notification metadata lacks authorizationEPSS 0.3%CVE-2025-62001HIGHBullWall Ransomware Containment hard-coded folder exclusionsEPSS 0.3%CVE-2023-4570HIGHImproper Restriction in NI MeasurementLink Python ServicesEPSS 0.3%CVE-2023-7266HIGHSome Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or informatiEPSS 0.3%CVE-2025-8557HIGHAn internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below vulnerability:
An attacker with access to a EPSS 0.2%CVE-2026-40435MEDIUMBIG-IP httpd access control vulnerabilityEPSS 0.2%CVE-2025-59033HIGHThe Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only tEPSS 0.2%CVE-2024-8038HIGHVulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available withoutEPSS 0.2%CVE-2026-43505MEDIUMAn issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 miEPSS 0.2%CVE-2025-62820MEDIUMSlack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.EPSS 0.2%CVE-2025-66432MEDIUMIn Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date.EPSS 0.2%CVE-2025-52968LOWxdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open EPSS 0.2%CVE-2022-28693MEDIUMUnprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially eEPSS 0.2%CVE-2025-41727HIGHBeckhoff: Performing privileged operations and gaining administrator accessEPSS 0.2%CVE-2023-52718MEDIUMA connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or infoEPSS 0.1%CVE-2026-35388LOWOpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.EPSS 0.1%CVE-2025-1095HIGHIBM Personal Communications command executionEPSS 0.1%