Falhas do tipo CWE-940

52 resultados

CVE-2025-61932CRITICALLanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) improperly verifies the origin of incoming requests, EPSS 2.7%KEV CVE-2024-32388MEDIUMDue to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allowEPSS 1.4%CVE-2023-3663HIGHCODESYS: Missing integrity check in CODESYS Development SystemEPSS 1.0%CVE-2023-48387HIGHTAIWAN-CA(TWCA) JCICSecurityTool - Improper Input ValidationEPSS 1.0%CVE-2025-23018MEDIUMIPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowingEPSS 1.0%CVE-2025-23019MEDIUMIPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.EPSS 0.9%CVE-2024-38886CRITICALAn issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker tEPSS 0.8%CVE-2021-41038—In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage().EPSS 0.7%CVE-2024-40515CRITICALAn issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote attacker to execute arbitrary code via the RoutinEPSS 0.7%CVE-2023-41355CRITICALChunghwa Telecom NOKIA G-040W-Q - Improper Input ValidationEPSS 0.6%CVE-2025-13086MEDIUMImproper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to openEPSS 0.6%CVE-2023-51440HIGHA vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (AllEPSS 0.6%CVE-2022-4800HIGHImproper Verification of Source of a Communication Channel in usememos/memosEPSS 0.6%CVE-2023-41094CRITICALTouchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNetEPSS 0.6%CVE-2022-4848HIGHImproper Verification of Source of a Communication Channel in usememos/memosEPSS 0.5%CVE-2019-25613HIGHEasy Chat Server 3.1 Denial of Service via message ParameterEPSS 0.5%CVE-2026-2967MEDIUMCesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of sourceEPSS 0.5%CVE-2024-36506LOWAn improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all EPSS 0.5%CVE-2024-26131HIGHElement Android Intent RedirectionEPSS 0.5%CVE-2026-23866MEDIUMIncomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for AndroidEPSS 0.5%

← anteriorpágina 1 / 3próxima →