Flaws of type CWE-829

175 results
CVE-2020-36924 [MEDIUM] Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion (EPSS 0.5%)
CVE-2022-31156 [MEDIUM] Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed (EPSS 0.5%)
CVE-2023-41267 Apache HDFS Provider error message suggested installation of incorrect pip package (EPSS 0.5%)
CVE-2020-36905 [MEDIUM] FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API (EPSS 0.4%)
CVE-2019-10240 Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these de (EPSS 0.4%)
CVE-2019-10248 Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent (EPSS 0.4%)
CVE-2026-5241 [HIGH] Policy Bypass in LightGlue Nested Config Resolution in huggingface/transformers (EPSS 0.4%)
CVE-2022-31021 [LOW] Unlinkability broken in ursa when verifiers use malicious keys (EPSS 0.4%)
CVE-2022-41709 [HIGH] Markdownify version 1.4.1 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdo (EPSS 0.4%)
CVE-2025-36727 [HIGH] SimpleHelp Inclusion of functionality from untrusted control sphere (EPSS 0.4%)
CVE-2026-53810 [HIGH] OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata (EPSS 0.4%)
CVE-2025-61592 [HIGH] Cursor CLI: Arbitrary Code Execution Possible through Permissive CLI Config (EPSS 0.4%)
CVE-2025-24796 [MEDIUM] Remote Code Execution within Collabora Online jail with Macros Enabled (EPSS 0.4%)
CVE-2026-27941 [CRITICAL] OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows (EPSS 0.4%)
CVE-2023-31168 [MEDIUM] Inclusion of Functionality from Untrusted Control Sphere (EPSS 0.4%)
CVE-2026-43571 [HIGH] OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup (EPSS 0.4%)
CVE-2022-46302 [HIGH] Remote Code Execution with Root Privileges via Broad Apache Permissions (EPSS 0.4%)
CVE-2026-43569 [HIGH] OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth (EPSS 0.4%)
CVE-2026-8879 [HIGH] CVE-2026-8879 (EPSS 0.4%)
CVE-2026-28372 [HIGH] telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added (EPSS 0.4%)