CWE-1284 vulnerabilities
234 results

CVE | Severity | Description | EPSS
CVE-2021-47821 | MEDIUM | RarmaRadio 2.72.8 - Denial of Service | EPSS 0.4%
CVE-2025-36092 | MEDIUM | IBM Business Automation Insights improper input validation | EPSS 0.4%
CVE-2026-44635 | HIGH | Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()` | EPSS 0.4%
CVE-2022-47029 | HIGH | An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via modification of the intent string to function updat | EPSS 0.4%
CVE-2023-7332 | HIGH | PocketMine-MP < 4.18.1 Improper Validation of Dropped Item Count Allows Remote Server Crash | EPSS 0.4%
CVE-2025-65548 | CRITICAL | NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of p | EPSS 0.4%
CVE-2025-14511 | HIGH | Improper Validation of Specified Quantity in Input in GitLab | EPSS 0.4%
CVE-2025-43970 | MEDIUM | An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there | EPSS 0.4%
CVE-2025-14869 | HIGH | Improper Validation of Specified Quantity in Input in GitLab | EPSS 0.4%
CVE-2024-39343 | HIGH | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123 | EPSS 0.4%
CVE-2025-43964 | LOW | In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. | EPSS 0.3%
CVE-2025-55398 | CRITICAL | An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c | EPSS 0.3%
CVE-2026-1528 | HIGH | undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client | EPSS 0.3%
CVE-2023-27941 | MEDIUM | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, | EPSS 0.3%
CVE-2025-36009 | MEDIUM | IBM Db2 Denial of Service | EPSS 0.3%
CVE-2025-11594 | MEDIUM | ywxbear PHP-Bookstore-Website-Example Quantity index.php improper validation of specified quantity in input | EPSS 0.3%
CVE-2026-31971 | HIGH | HTSlib CRAM decoder vulnerable to buffer overflow | EPSS 0.3%
CVE-2021-47831 | MEDIUM | Sandboxie 5.49.7 - Denial of Service | EPSS 0.3%
CVE-2024-23593 | MEDIUM | A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from | EPSS 0.3%
CVE-2025-36427 | MEDIUM | IBM Db2 Denial of Service | EPSS 0.3%