CWE-436 vulnerabilities

76 results
CVE-2024-24753 | MEDIUM | Bref Multiple Value Headers Not Supported in ApiGatewayFormatV2 | EPSS 0.4%
CVE-2023-40718 | MEDIUM | A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packe | EPSS 0.4%
CVE-2023-45715 | LOW | HCL BigFix Platform is susceptible to a Denial of Service attack | EPSS 0.4%
CVE-2026-42272 | HIGH | Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation | EPSS 0.4%
CVE-2024-20293 | MEDIUM | A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Th | EPSS 0.4%
CVE-2026-40165 | HIGH | authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation | EPSS 0.4%
CVE-2026-0958 | HIGH | Interpretation Conflict in GitLab | EPSS 0.4%
CVE-2026-8034 | HIGH | Server-side request forgery vulnerability in GitHub Enterprise Server notebook viewer via URL parser confusion | EPSS 0.4%
CVE-2023-52892 | HIGH | In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates | EPSS 0.4%
CVE-2026-42274 | HIGH | Heimdall: Authorization bypass via path normalization mismatch | EPSS 0.4%
CVE-2025-66490 | MEDIUM | Traefik doesn't Prevent Path Normalization Bypass in Router + Middleware Rules | EPSS 0.3%
CVE-2026-41248 | CRITICAL | Official Clerk JavaScript SDKs: Middleware-based route protection bypass | EPSS 0.3%
CVE-2026-42551 | HIGH | Flight: HTTP method override enabled by default enables CSRF escalation and middleware bypass in flightphp/core | EPSS 0.3%
CVE-2023-22998 | MEDIUM | In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects | EPSS 0.3%
CVE-2026-42273 | HIGH | Heimdall: Case-sensitive host matching may lead to policy bypass | EPSS 0.3%
CVE-2026-32065 | MEDIUM | OpenClaw < 2026.2.25 - Approval Identity Mismatch in system.run Command Execution | EPSS 0.3%
CVE-2026-47344 | LOW | TYPO3 HTML Sanitizer allows Cross-Site Scripting | EPSS 0.3%
CVE-2026-33804 | HIGH | @fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option | EPSS 0.3%
CVE-2026-6322 | HIGH | fast-uri vulnerable to host confusion via percent-encoded authority delimiters | EPSS 0.3%
CVE-2026-27896 | HIGH | MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity | EPSS 0.3%