Vulnerabilities of type CWE-20

4713 results
CVE-2024-38307 | HIGH | Improper input validation in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow an authenticated user to poten | EPSS 0.6%
CVE-2025-4377 | HIGH | Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php | EPSS 0.6%
CVE-2026-48055 | CRITICAL | Streambert: Arbitrary File Write (Zip Slip) via Subtitle Extraction | EPSS 0.6%
CVE-2024-26151 | HIGH | Potentially untrusted input is rendered as HTML in final output | EPSS 0.6%
CVE-2023-51931 | HIGH | An issue in alanclarke URLite v.3.1.0 allows an attacker to cause a denial of service (DoS) via a crafted payload to the parsing function. | EPSS 0.6%
CVE-2023-29026 | MEDIUM | Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack | EPSS 0.6%
CVE-2014-125114 | HIGH | i-Ftp 2.20 Schedule.xml Stack-Based Buffer Overflow | EPSS 0.6%
CVE-2026-44336 | CRITICAL | PraisonAI MCP `tools/call` path-traversal and RCE via Python `.pth` injection | EPSS 0.6%
CVE-2024-29008 | MEDIUM | Apache CloudStack: The extraconfig feature can be abused to load hypervisor resources on a VM instance | EPSS 0.6%
CVE-2025-53652 | HIGH | Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches o | EPSS 0.6%
CVE-2025-34226 | HIGH | OpenPLC Runtime v3 Persistent DoS | EPSS 0.6%
CVE-2023-28113 | MEDIUM | russh may use insecure Diffie-Hellman keys | EPSS 0.6%
CVE-2023-28291 | HIGH | Raw Image Extension Remote Code Execution Vulnerability | EPSS 0.6%
CVE-2023-22898 | MEDIUM | workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP | EPSS 0.6%
CVE-2022-27897 | MEDIUM | Palantir Gotham included an endpoint that would log arbitrary sized zip files. | EPSS 0.6%
CVE-2022-41836 | HIGH | BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41836 | EPSS 0.6%
CVE-2026-33218 | HIGH | NATS has pre-auth server panic via leafnode handling | EPSS 0.6%
CVE-2022-27892 | MEDIUM | Palantir Gotham included an endpoint that would log arbitrary sized payloads. | EPSS 0.6%
CVE-2023-20522 | HIGH | Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. | EPSS 0.6%
CVE-2023-20530 | HIGH | Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of | EPSS 0.6%