Fallos del tipo CWE-20
4744 resultadosCVE-2024-23294HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to cEPSS 0.3%CVE-2024-39606MEDIUMImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unEPSS 0.3%CVE-2026-13706NONEUrlShortener extension url validation can be bypassed due to difference between php url parsing and WHATWGEPSS 0.3%CVE-2025-57835HIGHAn issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330EPSS 0.3%CVE-2025-59886HIGHImproper input validation at one of the endpoints of Eaton xComfort ECI's
web interface, could lead into an attacker with network access tEPSS 0.3%CVE-2025-64759HIGHHomarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG UploadEPSS 0.3%CVE-2024-4028LOWKeycloak-core: stored xss in keycloak when creating a items in admin consoleEPSS 0.3%CVE-2026-36501HIGHAn issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafEPSS 0.3%CVE-2026-49475HIGHFreeSWITCH: Out-of-bounds memory access in core STUN attribute parsingEPSS 0.3%CVE-2025-5992LOWPassing values outside of expected range to QColorTransferGenericFunction can cause a denial of serviceEPSS 0.3%CVE-2026-48108MEDIUMRussh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner inputEPSS 0.3%CVE-2026-13824HIGHInsufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendEPSS 0.3%CVE-2022-3388HIGHInput Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 ProductsEPSS 0.3%CVE-2022-48321MEDIUMSSRF in agent-receiver APIEPSS 0.3%CVE-2026-13856HIGHInsufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had coEPSS 0.3%CVE-2025-24847MEDIUMImproper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an inEPSS 0.3%CVE-2026-13813HIGHInsufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2025-15358HIGHDVP-12SE11T - Denial of Service VulnerabilityEPSS 0.3%CVE-2025-12907HIGHInsufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrarEPSS 0.3%CVE-2026-11095CRITICALInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.3%