Fallos del tipo CWE-20
4737 resultadosCVE-2019-1656MEDIUMCisco Enterprise NFV Infrastructure Software Linux Shell Access VulnerabilityEPSS 0.4%CVE-2026-29046CRITICALTinyWeb: HTTP Header Control Character Injection into CGI EnvironmentEPSS 0.4%CVE-2025-50494HIGHImproper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackersEPSS 0.4%CVE-2025-6547CRITICALOn Node.js < 3, pbkdf2 silently disregards Uint8Array input, returning static keysEPSS 0.4%CVE-2025-59207HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2022-45871MEDIUMDenial-of-Service (DoS) VulnerabilityEPSS 0.4%CVE-2023-1732MEDIUMImproper random reading in CIRCLEPSS 0.4%CVE-2026-28797HIGHRAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" ComponentEPSS 0.4%CVE-2025-15438MEDIUMPluXml Media Management medias.php __destruct deserializationEPSS 0.4%CVE-2025-20227MEDIUMInformation Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard StudioEPSS 0.4%CVE-2022-25595MEDIUMASUS RT-AC86U - Improper Input ValidationEPSS 0.4%CVE-2026-3469LOWA denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remoteEPSS 0.4%CVE-2025-11135MEDIUMpmTicket Project-Management-Software Cookie class.database.php loadLanguage deserializationEPSS 0.4%CVE-2025-3116HIGHCWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an
authenticated malicious user sends specialEPSS 0.4%CVE-2024-41849MEDIUMAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2023-49610HIGHMachineSense FeverWarn Improper Input ValidationEPSS 0.4%CVE-2021-25471LOWA lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile EPSS 0.4%CVE-2026-14104HIGHInsufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arEPSS 0.4%CVE-2024-51392HIGHAn issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php componentEPSS 0.4%CVE-2022-34758MEDIUMA CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had acEPSS 0.4%