CWE-20 flaws

4,710 results
CVE-2020-3257 [HIGH] Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities (EPSS 0.7%)
CVE-2024-32371 [HIGH] An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain a (EPSS 0.7%)
CVE-2020-3507 [HIGH] Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities (EPSS 0.7%)
CVE-2022-34476 [CRITICAL] ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnera (EPSS 0.7%)
CVE-2024-12138 [MEDIUM] horilla create_skills deserialization (EPSS 0.7%)
CVE-2023-46159 [LOW] IBM Storage Ceph denial of service (EPSS 0.7%)
CVE-2026-23570 [MEDIUM] Log timestamp tampering vulnerability in Content Distribution Service (EPSS 0.7%)
CVE-2026-20224 [HIGH] Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability (EPSS 0.7%)
CVE-2022-32236 When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the ap (EPSS 0.7%)
CVE-2024-38046 [HIGH] PowerShell Elevation of Privilege Vulnerability (EPSS 0.7%)
CVE-2022-4428 [HIGH] support_uri validation missing in WARP client for Windows (EPSS 0.7%)
CVE-2023-23375 [HIGH] Microsoft ODBC and OLE DB Remote Code Execution Vulnerability (EPSS 0.7%)
CVE-2021-25748 [HIGH] Ingress-nginx `path` sanitization can be bypassed with newline character (EPSS 0.7%)
CVE-2025-29923 [LOW] go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment (EPSS 0.7%)
CVE-2024-23634 [MEDIUM] GeoServer arbitrary file renaming vulnerability in REST Coverage/Data Store API (EPSS 0.7%)
CVE-2023-2455 [MEDIUM] Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases wh (EPSS 0.7%)
CVE-2025-57644 [CRITICAL] Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative use (EPSS 0.7%)
CVE-2023-22916 [HIGH] The configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG F (EPSS 0.7%)
CVE-2026-27282 [HIGH] ColdFusion | Improper Input Validation (CWE-20) (EPSS 0.7%)
CVE-2021-3612 An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the use (EPSS 0.7%)