CWE-923 vulnerabilities

60 results
CVE-2024-24974 [HIGH] The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker (EPSS 9.8%)
CVE-2025-48999 [MEDIUM] Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability (EPSS 6.3%)
CVE-2021-38487 [HIGH] Potential Network Amplification and Information Exposure in RTI Connext Professional and Connext Micro (EPSS 3.2%)
CVE-2019-17440 [CRITICAL] PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access (EPSS 1.7%)
CVE-2021-32635 [MEDIUM] Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint (EPSS 1.4%)
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A (EPSS 1.4%)
CVE-2018-10596 [HIGH] Medtronic 2090 Carelink Programmer Improper Restriction of Communication Channel to Intended Endpoints (EPSS 1.3%)
CVE-2017-3891 [CRITICAL] In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX (EPSS 1.3%)
CVE-2026-23664 [HIGH] Azure IoT Explorer Information Disclosure Vulnerability (EPSS 1.0%)
CVE-2023-28078 [CRITICAL] Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticat (EPSS 0.7%)
CVE-2024-41889 [HIGH] Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be ex (EPSS 0.6%)
CVE-2021-32004 [LOW] GateManager does not enforce strict hostname matching for WEB server (EPSS 0.6%)
CVE-2024-34446 [HIGH] Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a hard failure to create a tunnel), and thus DN (EPSS 0.6%)
CVE-2025-46566 [MEDIUM] Dataease redshift JDBC Connection Remote Code Execution (EPSS 0.6%)
CVE-2024-43571 [MEDIUM] Sudo for Windows Spoofing Vulnerability (EPSS 0.6%)
CVE-2024-47490 [HIGH] Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted (EPSS 0.6%)
CVE-2024-6222 [HIGH] In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages (EPSS 0.6%)
CVE-2024-26131 [HIGH] Element Android Intent Redirection (EPSS 0.5%)
CVE-2025-48807 [MEDIUM] Windows Hyper-V Remote Code Execution Vulnerability (EPSS 0.4%)
CVE-2025-31144 [MEDIUM] Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a (EPSS 0.4%)