CWE-20 type flaws

4,707 results
CVE-2026-35031 | CRITICAL | Jellyfin: Potential RCE via subtitle upload path traversal + .strm chain | EPSS 0.8%
CVE-2016-9494 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation, potentially leading to denial of service | EPSS 0.8%
CVE-2024-36471 | HIGH | Apache Allura: sensitive information exposure via DNS rebinding | EPSS 0.8%
CVE-2020-15191 | MEDIUM | Undefined behavior in Tensorflow | EPSS 0.7%
CVE-2021-29507 | MEDIUM | dlt-daemon could crash if there is special character in dlt.conf | EPSS 0.7%
CVE-2022-41214 | HIGH | Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges | EPSS 0.7%
CVE-2024-23483 | HIGH | Local Privilege Escalation via lack of input validation | EPSS 0.7%
CVE-2022-31041 | HIGH | Insufficient content-type validation for uploaded files in open-forms | EPSS 0.7%
CVE-2021-42122 | MEDIUM | Denial of Service via Invalid Object Attribute in TopEase | EPSS 0.7%
CVE-2022-38123 | HIGH | Insufficient validation of plugin files | EPSS 0.7%
CVE-2022-3767 | HIGH | Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every | EPSS 0.7%
CVE-2023-25530 | HIGH | NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit | EPSS 0.7%
CVE-2017-3873 | A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Ac | EPSS 0.7%
CVE-2024-21507 | MEDIUM | Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cac | EPSS 0.7%
CVE-2025-29847 | HIGH | Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass | EPSS 0.7%
CVE-2023-3894 | MEDIUM | DOS in jackson-dataformats-text | EPSS 0.7%
CVE-2022-43863 | MEDIUM | IBM QRadar SIEM privilege escalation | EPSS 0.7%
CVE-2023-39530 | MEDIUM | PrestaShop vulnerable to file deletion via CustomerMessage | EPSS 0.7%
CVE-2022-33876 | MEDIUM | Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6. | EPSS 0.7%
CVE-2022-39306 | MEDIUM | Grafana contains Improper Input Validation | EPSS 0.7%