CWE-610 vulnerabilities

84 results
CVE-2022-27593 [CRITICAL] DeadBolt Ransomware | EPSS 87.9% | KEV
CVE-2024-45826 [HIGH] ThinManager® Code Execution Vulnerability | EPSS 11.2%
CVE-2017-16088 The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access t | EPSS 3.5%
CVE-2021-43844 [HIGH] Externally Controlled Reference to a Resource in Another Sphere in MSEdgeRedirect | EPSS 3.3%
CVE-2021-27648 [CRITICAL] Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-280 | EPSS 2.8%
CVE-2021-41244 [CRITICAL] Cross organization admin control in Grafana | EPSS 2.8%
CVE-2023-0045 [MEDIUM] Incorrect indirect branch prediction barrier in the Linux Kernel | EPSS 2.4%
CVE-2022-39206 [CRITICAL] CI/CD Docker Escape in OneDev | EPSS 1.6%
CVE-2024-47773 [HIGH] Anonymous cache poisoning via XHR requests in Discourse | EPSS 1.6%
CVE-2021-3779 Ruby-MySQL Gem Client File Read | EPSS 1.1%
CVE-2021-43794 [MEDIUM] Anonymous user cache poisoning via development-mode header in Discourse | EPSS 1.0%
CVE-2022-24854 [HIGH] Database bypassing any permissions in Metabase via SQlite attach | EPSS 1.0%
CVE-2020-8226 A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF. | EPSS 1.0%
CVE-2018-7824 An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver (For 64-bit Windo | EPSS 0.9%
CVE-2024-24760 [HIGH] Mailcow Docker Container Exposure to Local Network | EPSS 0.9%
CVE-2025-22144 [CRITICAL] Account Takeover in NamelessMC | EPSS 0.7%
CVE-2024-52792 [MEDIUM] Arbitrary config values override in lam | EPSS 0.7%
CVE-2022-43428 [MEDIUM] Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be e | EPSS 0.6%
CVE-2026-34327 [HIGH] Microsoft Partner Center Spoofing Vulnerability | EPSS 0.6%
CVE-2024-24818 [MEDIUM] EspoCRM weakness in "Forgot password" | EPSS 0.6%