CWE-20 type flaws

4,705 results
CVE-2025-64666 [HIGH] Microsoft Exchange Server Elevation of Privilege Vulnerability (EPSS 1.0%)
CVE-2021-26618 [HIGH] Tmax ToOffice arbitrary file creation vulnerability (EPSS 1.0%)
CVE-2025-43234 [CRITICAL] Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequ (EPSS 1.0%)
CVE-2023-32323 [MEDIUM] Synapse Outgoing federation to specific hosts can be disabled by sending malicious invites (EPSS 1.0%)
CVE-2023-20072 [HIGH] Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability (EPSS 1.0%)
CVE-2025-64989 [HIGH] Command Injection in 1E-Explorer-TachyonCore-FindFileBySizeAndHash Instruction (EPSS 1.0%)
CVE-2026-41044 [HIGH] Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All: Authenticated user can perform RCE via DestinationView MBean exposed by Jolokia (EPSS 1.0%)
CVE-2021-22699 Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of (EPSS 1.0%)
CVE-2025-14213 [HIGH] Cato's Socket WebUI is vulnerable to OS Command Injection (EPSS 1.0%)
CVE-2023-50737 [CRITICAL] An input validation vulnerability in the SE Menu allows an attacker to execute arbitrary code. (EPSS 1.0%)
CVE-2021-35254 [HIGH] Authenticated Remote Code Execution in WebHelpDesk 12.7.8 (EPSS 1.0%)
CVE-2025-57220 [MEDIUM] An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a craf (EPSS 1.0%)
CVE-2022-0567 A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that b (EPSS 1.0%)
CVE-2022-26107 When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - (EPSS 1.0%)
CVE-2022-26106 When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise V (EPSS 1.0%)
CVE-2021-20252 A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date (EPSS 1.0%)
CVE-2022-26109 When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Vie (EPSS 1.0%)
CVE-2025-8266 [MEDIUM] yanyutao0402 ChanCMS collect.js getArticle deserialization (EPSS 1.0%)
CVE-2023-27599 [HIGH] OpenSIPS has vulnerability in the parse_to_param() function (EPSS 1.0%)
CVE-2024-21374 [MEDIUM] Microsoft Teams for Android Information Disclosure Vulnerability (EPSS 1.0%)