CWE-20 flaws

4,681 results
CVE-2024-41117 | CRITICAL | Remote code execution in streamlit geospatial in pages/10_🌍_Earth_Engine_Datasets.py | EPSS 1.3%
CVE-2019-19337 | MEDIUM | A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker c | EPSS 1.3%
CVE-2017-12701 | - | BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authent | EPSS 1.3%
CVE-2021-3970 | MEDIUM | A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an atta | EPSS 1.3%
CVE-2020-7849 | HIGH | UPRISM CURIX arbitrary code execution vulnerability | EPSS 1.3%
CVE-2020-15170 | HIGH | Missing access control in apollo-adminservice | EPSS 1.3%
CVE-2020-8568 | MEDIUM | Kubernetes Secrets Store CSI Driver sync/rotate directory traversal | EPSS 1.3%
CVE-2021-32759 | HIGH | Data Flow Sanitation Issue Fix | EPSS 1.3%
CVE-2022-42012 | MEDIUM | An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can ca | EPSS 1.3%
CVE-2023-48693 | HIGH | Azure RTOS ThreadX Remote Code Execution Vulnerability | EPSS 1.3%
CVE-2024-38265 | HIGH | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | EPSS 1.3%
CVE-2019-12706 | MEDIUM | Cisco Email Security Appliance Filter Bypass Vulnerability | EPSS 1.3%
CVE-2023-24807 | HIGH | Undici vulnerable to Regular Expression Denial of Service in Headers | EPSS 1.3%
CVE-2022-47192 | HIGH | Admin password reset via file upload vulnerability in Generex CS141 | EPSS 1.3%
CVE-2021-1464 | MEDIUM | Cisco SD-WAN vManage Authorization Bypass Vulnerability | EPSS 1.3%
CVE-2021-1305 | HIGH | Cisco SD-WAN vManage Authorization Bypass Vulnerabilities | EPSS 1.3%
CVE-2017-2674 | MEDIUM | JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of s | EPSS 1.3%
CVE-2023-24816 | MEDIUM | set_term_title command injection in ipython | EPSS 1.3%
CVE-2022-27634 | MEDIUM | On 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, BIG-IP APM does not properly validate configurations, allowing a | EPSS 1.3%
CVE-2023-1973 | HIGH | Undertow: unrestricted request storage leads to memory exhaustion | EPSS 1.3%