Fallos del tipo CWE-20
4678 resultadosCVE-2018-12478MEDIUMobs-service-replace_using_package_version allows to specify arbitrary input filesEPSS 1.5%CVE-2020-15228LOWEnvironment Variable Injection in GitHub ActionsEPSS 1.5%CVE-2022-20797MEDIUMCisco Secure Network Analytics Remote Code Execution VulnerabilityEPSS 1.5%CVE-2025-0938MEDIUMURL parser allowed square brackets in domain namesEPSS 1.5%CVE-2017-12173MEDIUMIt was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and wEPSS 1.5%CVE-2024-23263HIGHA logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS EPSS 1.5%CVE-2023-24856HIGHMicrosoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityEPSS 1.5%CVE-2014-125119HIGHWinRAR < 5.00 Filename Spoofing RCEEPSS 1.5%CVE-2019-1789HIGHClamAV Denial of Service VulnerabilityEPSS 1.5%CVE-2026-4342HIGHingress-nginx comment-based nginx configuration injectionEPSS 1.5%CVE-2019-1909MEDIUMCisco IOS XR Software Border Gateway Protocol Denial of Service VulnerabilityEPSS 1.5%CVE-2019-12701MEDIUMCisco Firepower Management Center Software File and Malware Policy Bypass VulnerabilityEPSS 1.5%CVE-2022-47185HIGHApache Traffic Server: Invalid Range header causes a crashEPSS 1.5%CVE-2019-1786HIGHClam AntiVirus PDF Out-of-Bounds Read VulnerabilityEPSS 1.5%CVE-2008-2169HIGHUnspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE mesEPSS 1.5%CVE-2022-43439CRITICALA vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0EPSS 1.5%CVE-2008-2173HIGHUnspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE meEPSS 1.5%CVE-2008-2170HIGHUnspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE mEPSS 1.5%CVE-2023-25927MEDIUMIBM Security Verify Access denial of serviceEPSS 1.5%CVE-2020-7842MEDIUMD'live AP command injection vulnerabilityEPSS 1.5%