CWE-502 vulnerabilities

2,197 results
CVE-2020-0618 | CRITICAL | EPSS 99.0% | KEV
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Micr

CVE-2021-39144 | HIGH | EPSS 98.5% | KEV
XStream is vulnerable to a Remote Command Execution attack

CVE-2018-1000861 | CRITICAL | EPSS 98.3% | KEV
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/cor

CVE-2015-7450 | CRITICAL | EPSS 97.7% | KEV
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allo

CVE-2020-2555 | CRITICAL | EPSS 97.1% | KEV
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions tha

CVE-2023-38203 | CRITICAL | EPSS 97.0% | KEV
Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE

CVE-2015-4852 | CRITICAL | EPSS 96.0% | KEV
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary

CVE-2019-10068 | CRITICAL | EPSS 96.0% | KEV
An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure t

CVE-2023-25194 | HIGH | EPSS 95.3%
Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect

CVE-2021-31474 | CRITICAL | EPSS 94.4%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 202

CVE-2021-27850 | EPSS 94.1%
Bypass of the fix for CVE-2019-0195

CVE-2021-26857 | HIGH | EPSS 94.0% | KEV
Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2025-24016 | CRITICAL | EPSS 92.6% | KEV
Remote code execution in Wazuh server

CVE-2019-6340 | HIGH | EPSS 91.9% | KEV
Drupal core - Highly critical - Remote Code Execution

CVE-2024-0692 | HIGH | EPSS 91.6%
SolarWinds Security Event Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability

CVE-2017-12149 | CRITICAL | EPSS 90.7% | KEV
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOn

CVE-2017-3066 | CRITICAL | EPSS 90.6% | KEV
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserializa

CVE-2023-40044 | CRITICAL | EPSS 90.1% | KEV
WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability

CVE-2025-49113 | CRITICAL | EPSS 89.5% | KEV
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a

CVE-2025-5086 | CRITICAL | EPSS 89.1% | KEV
Deserialization of Untrusted Data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025