Falhas do tipo CWE-20
4.583 resultadosCVE-2023-3710CRITICALPrinter web page invalid command executionEPSS 33.1%CVE-2023-4197HIGHDolibarr ERP CRM (<= 18.0.1) Improper Input Sanitization Authenticated RCEEPSS 32.8%CVE-2024-21388MEDIUMMicrosoft Edge (Chromium-based) Elevation of Privilege VulnerabilityEPSS 32.0%CVE-2025-24514HIGHingress-nginx controller - configuration injection via unsanitized auth-url annotationEPSS 31.8%CVE-2024-4548CRITICALDelta Electronics DIAEnergie SQL InjectionEPSS 29.4%CVE-2025-20393CRITICALCisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution VulnerabilityEPSS 29.1%KEVCVE-2021-3490HIGHLinux kernel eBPF bitwise ops ALU32 bounds trackingEPSS 27.5%CVE-2021-23279HIGHArbitrary File deleteEPSS 27.1%CVE-2023-2914HIGHRockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation VulnerabilitiyEPSS 27.0%CVE-2024-7646HIGHA security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `exEPSS 26.0%CVE-2019-11253HIGHKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attackEPSS 25.9%CVE-2022-38900HIGHdecode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.EPSS 24.9%CVE-2019-1914HIGHCisco Small Business 220 Series Smart Switches Command Injection VulnerabilityEPSS 24.9%CVE-2025-60787HIGHMotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user iEPSS 24.7%CVE-2018-19949CRITICALIf exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue EPSS 24.4%KEVCVE-2026-32201MEDIUMMicrosoft SharePoint Server Spoofing VulnerabilityEPSS 24.2%KEVCVE-2024-49368HIGHUnchecked logrotate settings lead to arbitrary command executionEPSS 23.5%CVE-2024-24549HIGHApache Tomcat: HTTP/2 header handling DoSEPSS 23.1%CVE-2020-3249CRITICALMultiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big DataEPSS 23.1%CVE-2017-7924—An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, EPSS 22.2%