Fallos del tipo CWE-20

4583 resultados
CVE-2018-10858MEDIUMA heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server couEPSS 4.3%CVE-2017-6616A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker tEPSS 4.2%CVE-2020-3357CRITICALCisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service VulnerabilityEPSS 4.2%CVE-2017-14022An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unautheEPSS 4.2%CVE-2018-13807A vulnerability has been identified in SCALANCE X300 (All versions < V4.0.0), SCALANCE X408 (All versions < V4.0.0), SCALANCE X414 (All versEPSS 4.2%CVE-2014-5410Rockwell Automation Micrologix 1400 Improper Input ValidationEPSS 4.2%CVE-2020-8125Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code EPSS 4.1%CVE-2020-3263HIGHCisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution VulnerabilityEPSS 4.1%CVE-2017-12652CRITICALlibpng before 1.6.32 does not properly check the length of chunks against the user limit.EPSS 4.1%CVE-2019-14894HIGHA flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code executEPSS 4.1%CVE-2021-3907HIGHArbitrary filepath traversal via URI injectionEPSS 4.1%CVE-2022-35668MEDIUMAdobe Acrobat Reader Improper Input Validation Memory leakEPSS 4.1%CVE-2023-34111HIGHCommand Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanapluginEPSS 4.0%CVE-2026-27304CRITICALColdFusion | Improper Input Validation (CWE-20)EPSS 4.0%CVE-2018-0313A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to thEPSS 4.0%CVE-2026-40466HIGHApache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URIEPSS 4.0%CVE-2021-1139CRITICALCisco Smart Software Manager Satellite Web UI Command Injection VulnerabilitiesEPSS 4.0%CVE-2021-1141CRITICALCisco Smart Software Manager Satellite Web UI Command Injection VulnerabilitiesEPSS 4.0%CVE-2018-0274A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbiEPSS 4.0%CVE-2018-0234A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 SeriesEPSS 4.0%