Vulnerabilities of type CWE-75
34 results

CVE-2021-22911 | — | A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injectio | EPSS 95.2%
CVE-2024-0801 | HIGH | Unauthenticated DoS in Arcserve Unified Data Protection | EPSS 41.8%
CVE-2021-39174 | HIGH | Configuration leak | EPSS 3.9%
CVE-2026-29042 | HIGH | Nuclio Shell Runtime Command Injection Leading to Privilege Escalation | EPSS 2.4%
CVE-2021-22910 | — | A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could | EPSS 2.3%
CVE-2024-27622 | HIGH | A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This v | EPSS 2.0%
CVE-2023-27533 | CRITICAL | A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on mali | EPSS 2.0%
CVE-2023-40743 | CRITICAL | Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService | EPSS 1.9%
CVE-2022-24039 | — | A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). T | EPSS 1.8%
CVE-2024-0044 | HIGH | In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could le | EPSS 1.5%
CVE-2016-9471 | — | Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a | EPSS 1.4%
CVE-2024-39227 | CRITICAL | GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, | EPSS 1.2%
CVE-2024-35373 | CRITICAL | Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. | EPSS 1.2%
CVE-2024-37779 | HIGH | WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script | EPSS 1.1%
CVE-2024-31809 | HIGH | TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in th | EPSS 1.0%
CVE-2024-21503 | MEDIUM | Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_e | EPSS 1.0%
CVE-2023-23912 | HIGH | A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with t | EPSS 0.9%
CVE-2022-48217 | HIGH | The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in t | EPSS 0.7%
CVE-2025-50213 | CRITICAL | Apache Airflow Providers Snowflake: Potential SQL injection in CopyFromExternalStageToSnowflakeOperator | EPSS 0.6%
CVE-2023-1758 | HIGH | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq | EPSS 0.5%