Fallos del tipo CWE-20
4736 resultadosCVE-2021-29913MEDIUMIBM Security Verify Privilege improper input validationEPSS 0.4%CVE-2023-32820HIGHIn wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with noEPSS 0.4%CVE-2022-43484HIGHTERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable EPSS 0.4%CVE-2026-34712HIGHCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2025-11958MEDIUMAn improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticatEPSS 0.4%CVE-2024-1471MEDIUMHTML Injection VulnerabilityEPSS 0.4%CVE-2026-8759MEDIUMxiandafu beetl SpELFunction SpELFunction.java expression language injectionEPSS 0.4%CVE-2021-41133HIGHSandbox bypass via recent VFS-manipulating syscallsEPSS 0.4%CVE-2022-25818MEDIUMImproper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.EPSS 0.4%CVE-2023-0896HIGHA default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow unauthorized device access to an attackEPSS 0.4%CVE-2023-2267MEDIUMImproper input validation could lead to reflection injection attacksEPSS 0.4%CVE-2026-44319HIGHfree5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)EPSS 0.4%CVE-2025-54250MEDIUMAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2018-25160MEDIUMHTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backendEPSS 0.4%CVE-2025-50490HIGHImproper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attacEPSS 0.4%CVE-2023-6781MEDIUMOrbit Fox Companion <= 2.10.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via custom fieldsEPSS 0.4%CVE-2024-7005HIGHInsufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced EPSS 0.4%CVE-2026-39998MEDIUMApache APISIX: Identity Injection via forward-auth Plugin Missing Header CleanupEPSS 0.4%CVE-2022-44756MEDIUMHCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validationEPSS 0.4%CVE-2025-20148HIGHCisco Secure Firewall Management Center HTML Injection VulnerabilityEPSS 0.4%