Falhas do tipo CWE-20

4.713 resultados
CVE-2024-23669MEDIUMAn improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 alloEPSS 0.5%CVE-2026-27590HIGHCaddy: Unicode case-folding length expansion causes incorrect split_path index (SCRIPT_NAME/PATH_INFO confusion) in FastCGI transportEPSS 0.5%CVE-2025-26781HIGHAn issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330,EPSS 0.5%CVE-2024-33999CRITICALmoodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.phpEPSS 0.5%CVE-2023-3724CRITICALTLS 1.3 client issue handling malicious server when not including a KSE and PSK extensionEPSS 0.5%CVE-2025-49554HIGHAdobe Commerce | Improper Input Validation (CWE-20)EPSS 0.5%CVE-2019-1605HIGHCisco NX-OS Software NX-API Arbitrary Code Execution VulnerabilityEPSS 0.5%CVE-2022-2502HIGHA vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can EPSS 0.5%CVE-2024-0396HIGHMissing Server-Side Input Validation in HTTP ParameterEPSS 0.5%CVE-2025-27489HIGHAzure Local Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-29838HIGHUnsanitised variable on DAL_ADD in Evolution Controller causes application level denial of service and crashEPSS 0.5%CVE-2025-47283CRITICALBypassing project secret validation can lead to privilege escalationEPSS 0.5%CVE-2025-69986HIGHA buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate thEPSS 0.5%CVE-2024-56321LOWGoCD can allow malicious GoCD admins to abuse backup configuration to gain additional host accessEPSS 0.5%CVE-2024-11662MEDIUMwelliamcao OpsManage API Endpoint deploy_api.py deploy_host_vars deserializationEPSS 0.5%CVE-2017-12312An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local aEPSS 0.5%CVE-2026-26143HIGHMicrosoft PowerShell Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2026-33826HIGHWindows Active Directory Remote Code Execution VulnerabilityEPSS 0.5%CVE-2020-15731LOWLocal Privilege Escalation in Bitdefender Engines (VA-8953)EPSS 0.5%CVE-2026-0919HIGHUnauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C210, C220 & C520WSEPSS 0.5%