Fallos del tipo CWE-20

4743 resultados
CVE-2026-11022MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2024-6254MEDIUMBrizy – Page Builder <= 2.5.1 - Cross-Site Request ForgeryEPSS 0.3%CVE-2021-22484HIGHSome Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnEPSS 0.3%CVE-2026-11016MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2026-41670HIGHAdmidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequestEPSS 0.3%CVE-2026-10912MEDIUMInsufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisEPSS 0.3%CVE-2024-38811HIGHCode-execution vulnerabilityEPSS 0.3%CVE-2017-2614MEDIUMWhen updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password ifEPSS 0.3%CVE-2023-42981MEDIUMProcessing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was adEPSS 0.3%CVE-2025-66451MEDIUMLibreChat's Improper Input Validation in Prompt Creation API Enables Unauthorized Permission ChangesEPSS 0.3%CVE-2026-11086HIGHInappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer procEPSS 0.3%CVE-2022-21933MEDIUMASUS VivoMini/Mini PC - improper input validationEPSS 0.3%CVE-2026-58292HIGHMicrosoft Edge (Chromium-based) Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-22700HIGHRustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKEEPSS 0.3%CVE-2025-66866MEDIUMAn issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafEPSS 0.3%CVE-2026-14087HIGHHeap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer EPSS 0.3%CVE-2026-49475HIGHFreeSWITCH: Out-of-bounds memory access in core STUN attribute parsingEPSS 0.3%CVE-2024-39606MEDIUMImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unEPSS 0.3%CVE-2025-59886HIGHImproper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access tEPSS 0.3%