Fallos del tipo CWE-74

4258 resultados
CVE-2026-8795HIGHA YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostnamEPSS 0.1%CVE-2026-44455MEDIUMHono: Unvalidated JSX Tag Names in hono/jsx May Allow HTML InjectionEPSS 0.1%CVE-2026-46546LOWFrappe LMS: HTML injection in user-controlled metadataEPSS 0.1%CVE-2026-4530MEDIUMapconw Aix-DB terminology_retriever.py sql injectionEPSS 0.1%CVE-2026-11475MEDIUMKushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injectionEPSS 0.1%CVE-2026-0864MEDIUMConfiguration Injection via Carriage Return (\r) in write() methodEPSS 0.1%CVE-2025-69205MEDIUMIn µURU, a Specially Crafted Federation Name Allows Dialplan InjectionEPSS 0.1%CVE-2026-54231MEDIUMAbrt: unsanitized systemd journal content written to dump directory files enables content injectionEPSS 0.1%CVE-2026-15489MEDIUMRafyMrX TOKO-ONLINE-ROTI login.php sql injectionEPSS CVE-2026-15494MEDIUMAMTT Hotel Broadband Operation System switch_status.php sql injectionEPSS CVE-2026-15497MEDIUMSonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injectionEPSS CVE-2026-15498MEDIUMsergomanov SmartHomeAdatum Login users.php sql injectionEPSS CVE-2026-15478MEDIUMIceHRM UserReport Endpoint EmployeeAttendanceReport.php sql injectionEPSS CVE-2026-15481HIGHTrendnet TEW-635BRM IPoA WAN Connection Setup rc ipoa_test command injectionEPSS CVE-2026-15482MEDIUMAster Telecom Azcall HTTP sis.php sql injectionEPSS CVE-2026-15502MEDIUMAojiaoZero Antaris PayPal IPN Payment ipn.php _rewardPurchase sql injectionEPSS CVE-2026-15477MEDIUMBahmni bahmnicore Search Endpoint sql additionalParams sql injectionEPSS CVE-2026-15490MEDIUMRafyMrX TOKO-ONLINE-ROTI add.php sql injectionEPSS