Fallos del tipo CWE-93
149 resultadosCVE-2025-61884HIGHVulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected aEPSS 97.6%KEVCVE-2022-0666HIGHCRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweberEPSS 44.3%CVE-2016-3115MEDIUMMultiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended sheEPSS 37.0%CVE-2024-20337HIGHA vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriEPSS 29.9%CVE-2021-39172HIGHNew line injection during configuration editionEPSS 29.2%CVE-2023-4768MEDIUMImproper Neutralization of CRLF Sequences in ManageEngine Desktop CentralEPSS 2.9%CVE-2023-4767MEDIUMImproper Neutralization of CRLF Sequences in ManageEngine Desktop CentralEPSS 2.9%CVE-2020-11078MEDIUMCRLF injection in httplib2EPSS 2.6%CVE-2018-12537—In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and linEPSS 2.5%CVE-2022-31014MEDIUMSMTP Command Injection in iCalendar Attachments to emails via newlines in Nextcloud ServerEPSS 2.4%CVE-2021-31164—Apache Unomi log injectionEPSS 2.3%CVE-2026-39983HIGHFTP Command Injection via CRLF in basic-ftpEPSS 1.9%CVE-2025-59419MEDIUMNetty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email ForgeryEPSS 1.6%CVE-2025-57804MEDIUMh2 allows HTTP Request Smuggling due to illegal characters in headersEPSS 1.6%CVE-2026-23829MEDIUMMailpit has SMTP Header Injection via Regex BypassEPSS 1.4%CVE-2020-3561MEDIUMCisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection VulnerabilityEPSS 1.3%CVE-2022-35948MEDIUMCRLF Injection in Nodejs ‘undici’ via Content-TypeEPSS 1.2%CVE-2018-12477LOWobs-service-refresh_patches can be tricked into deleting '..' or other unrelated directoriesEPSS 1.2%CVE-2023-26130HIGHVersions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the contEPSS 1.1%CVE-2023-23936MEDIUMCRLF Injection in Nodejs ‘undici’ via hostEPSS 1.1%