Falhas do tipo CWE-99
54 resultadosCVE-2026-9438MEDIUMyashpokharna2555 StudentManagementSystem courseDel.php resource injectionEPSS 0.3%CVE-2025-2125MEDIUMControl iD RH iD PDF Document companyId resource injectionEPSS 0.3%CVE-2026-5414MEDIUMNewgen OmniDocs WebApiRequestRedirection resource injectionEPSS 0.3%CVE-2025-9264MEDIUMXuxueli xxl-job Jobs JobInfoController.java remove resource injectionEPSS 0.3%CVE-2025-3405MEDIUMFCJ Venture Builder appclientefiel HTTP GET Request ObterPedido resource injectionEPSS 0.3%CVE-2025-9263MEDIUMXuxueli xxl-job JobLogController.java getJobsByGroup resource injectionEPSS 0.3%CVE-2026-10299MEDIUMcode-projects Online Hospital Management System viewdoctortimings.php resource injectionEPSS 0.3%CVE-2023-6605HIGHFfmpeg: dash playlist ssrf vulnerability in ffmpegEPSS 0.3%CVE-2025-43491HIGHPoly Lens Desktop Application – Privilege EscalationEPSS 0.3%CVE-2026-10168MEDIUMOUSL-GROUP-BrinaryBrains School Student Management System Parents.php marks resource injectionEPSS 0.2%CVE-2026-10624MEDIUMSourceCodester Human Resource Management Employee View detailview.php resource injectionEPSS 0.2%CVE-2026-5031MEDIUMBichitroGan ISP Billing Software Endpoint users-view resource injectionEPSS 0.2%CVE-2026-12207MEDIUMmedkey-org medkey HTTP REST API PatientController.php actionGetPatientById resource injectionEPSS 0.2%CVE-2026-33603MEDIUMAttacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the atEPSS 0.2%