Fallos del tipo CWE-20
4597 resultadosCVE-2021-20206—An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load iEPSS 1.5%CVE-2023-31039CRITICALApache bRPC: ServerOptions.pid_file may cause arbitrary code executionEPSS 1.5%CVE-2025-34111CRITICALTiki Wiki <= 15.1 ELFinder Unauthenticated File Upload RCEEPSS 1.5%CVE-2021-1513HIGHCisco SD-WAN Software vDaemon Denial of Service VulnerabilityEPSS 1.5%CVE-2022-41942HIGHSourcegraph vulnerable to Comand Injection via gitserverEPSS 1.5%CVE-2023-38254MEDIUMMicrosoft Message Queuing (MSMQ) Denial of Service VulnerabilityEPSS 1.5%CVE-2019-12633MEDIUMCisco Unified Contact Center Express Request Processing Server-Side Request Forgery VulnerabilityEPSS 1.5%CVE-2019-16027HIGHCisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service VulnerabilityEPSS 1.5%CVE-2019-1884HIGHCisco Web Security Appliance Web Proxy Denial of Service VulnerabilityEPSS 1.5%CVE-2020-7841HIGHTOBESOFT XPLATFORM arbitrary hta file execution vulnerabilityEPSS 1.5%CVE-2019-7617—When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attackerEPSS 1.5%CVE-2020-3359HIGHCisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service VulnerabilityEPSS 1.5%CVE-2020-8476MEDIUMABB Central Licensing System - Elevation of Privilege VulnerabilityEPSS 1.5%CVE-2020-3221HIGHCisco IOS XE Software Flexible NetFlow Version 9 Denial of Service VulnerabilityEPSS 1.5%CVE-2019-11289HIGHA forged route service request using an invalid nonce can cause the gorouter to panic and crashEPSS 1.5%CVE-2020-3272HIGHCisco Prime Network Registrar DHCP Denial of Service VulnerabilityEPSS 1.5%CVE-2021-42853CRITICALDirectory Traversal Delete/Read at AgentDiagnosticServletEPSS 1.5%CVE-2021-42854CRITICALDirectory Traversal Read/Write/Delete at PluginServletEPSS 1.5%CVE-2018-3777—Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests.EPSS 1.5%CVE-2022-43546CRITICALA vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER MEPSS 1.5%