Fallos del tipo CWE-20
4738 resultadosCVE-2026-3912HIGHTIBCO ActiveMatrix BusinessWorks Injection VulnerabilityEPSS 0.3%CVE-2025-53076MEDIUMImproper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.EPSS 0.3%CVE-2025-70123HIGHAn improper input validation and protocol compliance vulnerability in free5GC v4.0.1 allows remote attackers to cause a denial of service. TEPSS 0.3%CVE-2025-61684HIGHQuicly has assertion failuresEPSS 0.3%CVE-2022-29201MEDIUMMissing validation in `QuantizedConv2D` results in undefined behavior in TensorFlowEPSS 0.3%CVE-2025-0958MEDIUMUltimate WordPress Auction Plugin <= 4.2.9 - Missing Authorization to Arbitrary Post DeletionEPSS 0.3%CVE-2023-25867HIGHAdobe Substance 3D Stager PCX File Parsing Memory Corruption Remote Code Execution VulnerabilityEPSS 0.3%CVE-2023-25865HIGHAdobe Substance 3D Stager OBJ File Parsing Memory Corruption Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-0051HIGHFlashArray DOS VulnerabilityEPSS 0.3%CVE-2025-46047MEDIUMA User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers toEPSS 0.3%CVE-2025-52894MEDIUMOpenBao Vulnerable to Unauthenticated Rekey Operation CancellationEPSS 0.3%CVE-2025-62162HIGHcel-rust May Panic During Parsing of Invalid CEL ExpressionsEPSS 0.3%CVE-2026-43899CRITICALDeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`EPSS 0.3%CVE-2023-38057MEDIUMXSS stored in survey answersEPSS 0.3%CVE-2025-26488HIGHImproper input validation in XML Management service in Infinera MTC-9EPSS 0.3%CVE-2026-48204CRITICALApache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configurationEPSS 0.3%CVE-2025-59595HIGHCVE-2025-59595 is an internally discovered denial of service
vulnerability in versions of Secure Access prior to 14.12. An attacker
can seEPSS 0.3%CVE-2026-23825HIGHUnauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling ComponentEPSS 0.3%CVE-2025-3777LOWImproper Input Validation in huggingface/transformersEPSS 0.3%CVE-2026-10980MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.3%