Falhas do tipo CWE-345
369 resultadosCVE-2022-2789MEDIUMEmerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, aEPSS 0.1%CVE-2022-42267HIGHNVIDIA GPU Display Driver for Windows contains a vulnerability where a regular user can cause an out-of-bounds read, which may lead to code EPSS 0.1%CVE-2023-22315MEDIUM
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates EPSS 0.1%CVE-2021-26396MEDIUMInsufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP guest.
EPSS 0.1%CVE-2022-33861MEDIUMInsufficient verification of authenticity in IPPEPSS 0.1%CVE-2024-54111MEDIUMRead/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.EPSS 0.1%CVE-2026-46654HIGHPlonky3 MultiField32Challenger: transcript malleability and challenge entropy lossEPSS 0.1%CVE-2026-50573MEDIUMpnpm: Unsafe default behavior breaks integrity checkEPSS 0.1%CVE-2026-33243HIGHbarebox: FIT Signature Verification Bypass VulnerabilityEPSS 0.1%CVE-2026-32323HIGHMullvad VPN for macOS: Local Privilege Escalation via unverified bundle path in installerEPSS 0.1%CVE-2026-24775MEDIUMOpenProject has Forced Actions, Content Spoofing, and Persistent DoS via ID Manipulation in OpenProject Blocknote Editor ExtensionEPSS 0.1%CVE-2022-48431MEDIUMIn JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmationEPSS 0.1%CVE-2026-54288MEDIUMHono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`EPSS 0.1%CVE-2023-20570LOWInsufficient verification of data authenticity in
the configuration state machine may allow a local attacker to potentially load
arbitrary bEPSS 0.1%CVE-2026-48096MEDIUMOpenFGA: Cache-key delimiter injection in openfga/openfga shared-iterator and v2 iterator caches enables intra-store authorization-decision poisoningEPSS 0.1%CVE-2026-53900MEDIUMCookie injection was possible when opening a PDF linkEPSS 0.1%CVE-2023-21441HIGHInsufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(EPSS 0.1%CVE-2026-26327HIGHOpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinningEPSS 0.1%CVE-2026-53899MEDIUMCross-origin cookies could be leaked when opening a PDF linkEPSS 0.1%CVE-2026-54266HIGHAngular: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State PoisoningEPSS 0.1%