Falhas do tipo CWE-20

4.705 resultados
CVE-2023-30991HIGHIBM Db2 denial of serviceEPSS 0.8%CVE-2023-33182NONENextcloud Contacts photos only sanitized if mime type is all lower caseEPSS 0.8%CVE-2023-2315HIGHPath Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2EPSS 0.8%CVE-2021-3624There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code mEPSS 0.8%CVE-2023-38704HIGHimport-in-the-middle allows unsanitized user controlled input in module generationEPSS 0.8%CVE-2023-22465HIGHHttp4s has fatal error parsing User-Agent and Server headersEPSS 0.8%CVE-2024-21625HIGHOne-click remote code execution via malicious deep linkEPSS 0.8%CVE-2017-15093When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.EPSS 0.8%CVE-2020-15200MEDIUMSegfault in TensorflowEPSS 0.8%CVE-2021-3048MEDIUMPAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall OutageEPSS 0.8%CVE-2022-28695HIGHOn F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versionEPSS 0.8%CVE-2025-0465MEDIUMAquilaCMS categories deserializationEPSS 0.8%CVE-2017-6794A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injeEPSS 0.8%CVE-2022-2385HIGHAccessKeyID validation bypassEPSS 0.8%CVE-2021-37863LOWMattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a cEPSS 0.8%CVE-2026-47370CRITICALA malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain deEPSS 0.8%CVE-2024-3028HIGHImproper Input Validation in mintplex-labs/anything-llmEPSS 0.8%CVE-2022-39881MEDIUMImproper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to reEPSS 0.8%CVE-2020-15234MEDIUMRedirect URL matching ignores character casingEPSS 0.8%CVE-2023-40053MEDIUMHTML injection Vulnerability in Serv-U 15.4EPSS 0.8%