CWE-1284 vulnerabilities

234 results
CVE-2024-55407 | HIGH | An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write a | EPSS 0.2%
CVE-2026-44826 | HIGH | Vvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totals | EPSS 0.2%
CVE-2026-55706 | MEDIUM | sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths. | EPSS 0.2%
CVE-2025-15645 | MEDIUM | Ledger Nano X, Flex, Stax MCU Firmware Update Denial of Service | EPSS 0.2%
CVE-2026-41285 | MEDIUM | In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option ( | EPSS 0.2%
CVE-2026-42744 | MEDIUM | WordPress Ads by WPQuads plugin <= 3.0.2 - Bypass Vulnerability vulnerability | EPSS 0.2%
CVE-2026-27171 | LOW | zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that | EPSS 0.2%
CVE-2024-56716 | MEDIUM | netdevsim: prevent bad user input in nsim_dev_health_break_write() | EPSS 0.2%
CVE-2024-0111 | MEDIUM | NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a | EPSS 0.2%
CVE-2026-53689 | HIGH | libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS ser | EPSS 0.2%
CVE-2024-8000 | MEDIUM | On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restar | EPSS 0.2%
CVE-2025-3756 | HIGH | Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850 | EPSS 0.2%
CVE-2025-41100 | MEDIUM | Incorrect authentication in ParkingDoor | EPSS 0.2%
CVE-2025-46656 | LOW | python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This | EPSS 0.2%
CVE-2025-59820 | MEDIUM | In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import. | EPSS 0.2%
CVE-2024-53879 | LOW | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a ma | EPSS 0.2%
CVE-2024-3185 | MEDIUM | Rapid7 Insight Agent Sensitive Key Exposed To Local Users | EPSS 0.2%
CVE-2024-45351 | HIGH | Game center application has code execution Vulnerability | EPSS 0.2%
CVE-2026-2403 | MEDIUM | CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting lo | EPSS 0.2%
CVE-2025-68383 | MEDIUM | Filebeat Improper Validation of Specified Index, Position, or Offset in Input | EPSS 0.2%