Falhas do tipo CWE-99
54 resultadosCVE-2019-6545—AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 20EPSS 13.9%CVE-2021-22879—Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious serveEPSS 4.7%CVE-2016-8615MEDIUMA flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequEPSS 4.5%CVE-2019-1860MEDIUMCisco Unified Intelligence Center Remote File Injection VulnerabilityEPSS 1.3%CVE-2020-8177HIGHcurl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a locaEPSS 1.2%CVE-2020-5230HIGHOpencast uses unsafe identifiersEPSS 1.2%CVE-2022-3774MEDIUMSourceCodester Train Scheduler App resource injectionEPSS 1.1%CVE-2023-2980MEDIUMAbstrium Pydio Cells User Creation resource injectionEPSS 1.1%CVE-2022-39369HIGHService Hostname Discovery Exploitation in phpCASEPSS 1.1%CVE-2024-4817MEDIUMCampcodes Online Laundry Management System HTTP Request Parameter manage_user.php resource injectionEPSS 0.9%CVE-2022-27670—SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server EPSS 0.9%CVE-2024-4294MEDIUMPHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injectionEPSS 0.9%CVE-2024-7658MEDIUMprojectsend process.php get_preview resource injectionEPSS 0.8%CVE-2025-0756CRITICALHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.8%CVE-2022-1287MEDIUMSchool Club Application System resource injectionEPSS 0.7%CVE-2024-57971CRITICALDataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurEPSS 0.7%CVE-2024-5706HIGHHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.6%CVE-2023-3517HIGHHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.6%CVE-2025-1642MEDIUMBenner ModernaNet GetImageMedico resource injectionEPSS 0.6%CVE-2021-42360HIGHStarter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSSEPSS 0.6%