Fallos del tipo CWE-170

49 resultados
CVE-2021-22931Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validationEPSS 22.0%CVE-2019-11045LOWDirectoryIterator class silently truncates after a null byteEPSS 8.8%CVE-2019-11044LOWlink() silently truncates after a null byte on WindowsEPSS 5.1%CVE-2019-8275UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being acEPSS 4.0%CVE-2020-27736MEDIUMA vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions <EPSS 3.6%CVE-2021-31886A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (EPSS 3.0%CVE-2020-7066MEDIUMget_headers() silently truncates after a null byteEPSS 2.8%CVE-2021-31887A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (EPSS 2.4%CVE-2021-31888A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (EPSS 2.4%CVE-2023-36906MEDIUMWindows Cryptographic Services Information Disclosure VulnerabilityEPSS 2.0%CVE-2023-36907MEDIUMWindows Cryptographic Services Information Disclosure VulnerabilityEPSS 1.6%CVE-2021-31884A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (EPSS 1.5%CVE-2021-1411CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.4%CVE-2023-35321MEDIUMWindows Deployment Services Denial of Service VulnerabilityEPSS 1.4%CVE-2021-1471CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.3%CVE-2024-43474HIGHMicrosoft SQL Server Information Disclosure VulnerabilityEPSS 1.3%CVE-2022-47515HIGHAn issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long EPSS 1.2%CVE-2021-1469CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.0%CVE-2021-1417CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.0%CVE-2021-1418CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 0.9%