Falhas do tipo CWE-358
105 resultadosCVE-2024-55599MEDIUMAn Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all verEPSS 0.3%CVE-2025-62585HIGHWhale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.EPSS 0.3%CVE-2025-59147HIGHSuricata is Vulnerable to Detection Bypass via Crafted Multiple SYN PacketsEPSS 0.3%CVE-2024-12056LOWClient Secret not checked with OAuth Password grant typeEPSS 0.3%CVE-2024-27842HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with keEPSS 0.3%CVE-2025-3069HIGHInappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalationEPSS 0.3%CVE-2026-48797CRITICALBackpropagate: backprop ui --auth and backprop ui --share do not enforce authenticationEPSS 0.3%CVE-2023-39403CRITICALParameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be reaEPSS 0.3%CVE-2025-13333MEDIUMIBM WebSphere Application Server could provide weaker than expected securityEPSS 0.3%CVE-2025-66600HIGHA vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product lacks
HSTS (HTTP Strict Transport SeEPSS 0.3%CVE-2020-8352LOWIn some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes.EPSS 0.3%CVE-2020-9295MEDIUMFortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 runningEPSS 0.3%CVE-2024-5500MEDIUMInappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions viaEPSS 0.3%CVE-2018-7685HIGHlibzypp does not reevaluate malicious rpms once downloadedEPSS 0.3%CVE-2026-42081MEDIUMfree5GC: UE Security Capability bypass on NGAP PathSwitchRequestEPSS 0.3%CVE-2025-49011LOWSpiceDB checks involving relations with caveats can result in no permission when permission is expectedEPSS 0.3%CVE-2025-66603LOWA vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
the OPTIONS method. An attEPSS 0.3%CVE-2025-62002MEDIUMBullWall Ransomware Containment file count detection bypassEPSS 0.3%CVE-2026-42082LOWfree5GC: Missing Concurrent NAS SMC Validation During NGAP HandoverEPSS 0.3%CVE-2025-69234CRITICALWhale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.EPSS 0.3%