Falhas do tipo CWE-20

4.700 resultados
CVE-2020-12033In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied idEPSS 1.1%CVE-2018-15387Cisco SD-WAN Solution Certificate Validation Bypass VulnerabilityEPSS 1.1%CVE-2022-35924CRITICALVerification requests (magic link) sent to unwanted emailsEPSS 1.1%CVE-2020-3479MEDIUMCisco IOS and IOS XE Software MP-BGP EVPN Denial of Service VulnerabilityEPSS 1.1%CVE-2019-16762MEDIUMValidator parsing discrepancy due to string encoding in NPM slpjsEPSS 1.1%CVE-2022-46303HIGHCommand injection in SMS notificationsEPSS 1.1%CVE-2021-4204An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a localEPSS 1.1%CVE-2018-7935MEDIUM There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the netwoEPSS 1.1%CVE-2021-44530An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a EPSS 1.1%CVE-2023-45178MEDIUMIBM Db2 denial of serviceEPSS 1.1%CVE-2023-46167MEDIUMIBM Db2 denial of serviceEPSS 1.1%CVE-2022-39266CRITICALisolated-vm has vulnerable CachedDataOptions in APIEPSS 1.1%CVE-2023-40699HIGHIBM InfoSphere Information Server denial of serviceEPSS 1.1%CVE-2023-47003CRITICALAn issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlocEPSS 1.1%CVE-2020-3134MEDIUMCisco Email Security Appliance Zip Decompression Engine Denial of Service VulnerabilityEPSS 1.1%CVE-2023-31148CRITICALImproper Input Validation in Web InterfaceEPSS 1.1%CVE-2023-31149CRITICALImproper Input Validation in Web InterfaceEPSS 1.1%CVE-2024-35296HIGHApache Traffic Server: Invalid Accept-Encoding can force forwarding requestsEPSS 1.1%CVE-2023-48310CRITICALAbility to DoS the testing infrastructure by overwriting filesEPSS 1.1%CVE-2024-40520HIGHSeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_config_mark.php directly splicing and writing thEPSS 1.1%