Fallos del tipo CWE-453
18 resultadosCVE-2024-21411HIGHSkype for Consumer Remote Code Execution VulnerabilityEPSS 2.6%CVE-2021-27426CRITICALGE UR family insecure default variable initializationEPSS 1.2%CVE-2024-49120HIGHWindows Remote Desktop Services Remote Code Execution VulnerabilityEPSS 1.1%CVE-2022-47197CRITICALAn insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost EPSS 1.0%CVE-2022-47194CRITICALAn insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost EPSS 0.8%CVE-2025-30206CRITICALDpanel's hard-coded JWT secret leads to remote code executionEPSS 0.7%CVE-2022-3262HIGHA flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. ThEPSS 0.7%CVE-2022-47196CRITICALAn insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost EPSS 0.7%CVE-2022-47195CRITICALAn insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost EPSS 0.7%CVE-2025-47945CRITICALDonetick Has Weak Default JWT SecretEPSS 0.6%CVE-2023-27516HIGHAn authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A speciallEPSS 0.5%CVE-2022-46831MEDIUMIn JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity projectEPSS 0.4%CVE-2025-61926MEDIUMAllstar Reviewbot has Authentication Bypass via Hard-coded Webhook SecretEPSS 0.4%CVE-2024-39916MEDIUMNFS server misconfiguration allows file access outside the exported directoryEPSS 0.3%CVE-2024-41255HIGHfilestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a manEPSS 0.2%CVE-2026-0082CRITICALIn tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure defaultEPSS 0.2%CVE-2026-41330LOWOpenClaw < 2026.3.31 - Environment Variable Override via Host Exec PolicyEPSS 0.1%CVE-2025-48563HIGHIn onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could leadEPSS 0.1%