Falhas do tipo CWE-20
4.585 resultadosCVE-2021-36047HIGHXMP Toolkit SDK Improper Input Validation Could Lead To Arbitrary Code ExecutionEPSS 2.7%CVE-2021-36048HIGHXMP Toolkit SDK Improper Input Validation Could Lead To Arbitrary Code ExecutionEPSS 2.7%CVE-2021-22767CRITICALA CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All VersionsEPSS 2.7%CVE-2021-22768CRITICALA CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All VersionsEPSS 2.7%CVE-2021-22765CRITICALA CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All VersionsEPSS 2.7%CVE-2020-6656MEDIUMFile parsing Type Confusion Remote code execution vulerabilityEPSS 2.7%CVE-2018-0112—A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, rEPSS 2.7%CVE-2018-0090—A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticateEPSS 2.7%CVE-2018-0136—A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series couEPSS 2.7%CVE-2021-3580—A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to proviEPSS 2.7%CVE-2022-40898HIGHAn issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via aEPSS 2.7%CVE-2018-14661MEDIUMIt was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage,EPSS 2.7%CVE-2024-5988CRITICALRockwell Automation ThinManager® ThinServer™ Improper Input Validation VulnerabilityEPSS 2.7%CVE-2020-6655MEDIUMFile parsing Out-Of-Bounds read remote code executionEPSS 2.7%CVE-2019-1712MEDIUMCisco IOS XR Software Protocol Independent Multicast Denial of Service VulnerabilityEPSS 2.6%CVE-2017-6619—A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker tEPSS 2.6%CVE-2024-1374CRITICALCommand injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement ConsoleEPSS 2.6%CVE-2022-26781CRITICALMultiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.EPSS 2.6%CVE-2023-52137HIGHGitHub Action tj-actions/verify-changed-files is vulnerable to command injection in output filenamesEPSS 2.6%CVE-2021-1252HIGHClam AntiVirus (ClamAV) Excel XLM Parser Denial of Service VulnerabilityEPSS 2.6%