Falhas do tipo CWE-754
407 resultadosCVE-2024-4367MEDIUMA type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulneraEPSS 72.6%CVE-2022-39288HIGHDenial of service in Fastify via Content-Type headerEPSS 59.2%CVE-2023-41993HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execEPSS 29.2%KEVCVE-2024-43044HIGHJenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system byEPSS 28.8%CVE-2024-3393HIGHPAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted PacketEPSS 26.6%KEVCVE-2026-40343MEDIUMfree5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creationEPSS 10.0%CVE-2022-23712—A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an EPSS 7.4%CVE-2023-41992HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A loEPSS 2.9%KEVCVE-2021-32946—An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prioEPSS 2.8%CVE-2018-7789MEDIUMAn Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, aEPSS 2.8%CVE-2022-21676HIGHUncaught Exception in engine.ioEPSS 2.8%CVE-2019-11779—In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approEPSS 2.7%CVE-2019-6813—A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmwaEPSS 2.1%CVE-2020-3421HIGHCisco IOS XE Software Zone-Based Firewall Denial of Service VulnerabilitiesEPSS 1.9%CVE-2020-36382—OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentEPSS 1.9%CVE-2021-41135MEDIUMAuthz Module Non-DeterminismEPSS 1.7%CVE-2019-6856HIGHA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, ModiconEPSS 1.6%CVE-2019-6857HIGHA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, ModiconEPSS 1.6%CVE-2021-39162HIGHIncorrect handling of H2 GOAWAY + SETTINGS framesEPSS 1.6%CVE-2021-43801HIGHUncaught Exception in mercuriusEPSS 1.5%