Flaws of type CWE-668

205 results
CVE-2022-25236 [CRITICAL] xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (EPSS 33.9%)
CVE-2026-44338 [HIGH] PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution (EPSS 26.8%)
CVE-2024-21626 [HIGH] runc container breakout through process.cwd trickery and leaked fds (EPSS 17.3%)
CVE-2024-38368 [CRITICAL] Trunk's 'Claim your pod' could be used to obtain un-used pods (EPSS 14.7%)
CVE-2025-55583 [CRITICAL] D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi (EPSS 5.8%)
CVE-2024-40725 [MEDIUM] Apache HTTP Server: source code disclosure with handlers configured via AddType (EPSS 4.1%)
CVE-2026-25643 [CRITICAL] Frigate Affected by Authenticated Remote Command Execution (RCE) and Container Escape (EPSS 2.9%)
CVE-2021-21334 [MEDIUM] environment variable leak (EPSS 2.0%)
CVE-2025-2857 [CRITICAL] Incorrect handle could lead to sandbox escapes (EPSS 1.9%)
CVE-2023-48291 Apache Airflow: Improper access control to DAG resources (EPSS 1.8%)
CVE-2020-26272 [MEDIUM] Electron vulnerable to ID collision when routing IPC messages to renderers containing OOPIFs (EPSS 1.8%)
CVE-2020-10271 [CRITICAL] RVD#2555: MiR ROS computational graph is exposed to all network interfaces, including poorly secured wireless networks and open wired ones (EPSS 1.8%)
CVE-2021-32760 [MEDIUM] Archive package allows chmod of file outside of unpack target directory (EPSS 1.6%)
CVE-2025-9074 [CRITICAL] Docker Desktop allows unauthenticated access to Docker Engine API from containers (EPSS 1.6%)
CVE-2021-44524 A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2. (EPSS 1.6%)
CVE-2025-34119 [HIGH] EasyCafe Server 2.2.14 Remote File Disclosure via Opcode 0x43 (EPSS 1.5%)
CVE-2020-15264 [HIGH] Privilege Escalation in Boxstarter (EPSS 1.5%)
CVE-2021-21382 [HIGH] Unsafe loopback forwarding interface in Restund (EPSS 1.5%)
CVE-2022-38813 [HIGH] PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all (EPSS 1.5%)
CVE-2023-42792 Apache Airflow: Improper access control to DAG resources (EPSS 1.4%)