Fallos del tipo CWE-20

4745 resultados
CVE-2025-1440MEDIUMAdvanced iFrame <= 2024.5 - Unauthenticated Settings UpdateEPSS 0.3%CVE-2026-11120CRITICALInsufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who hadEPSS 0.3%CVE-2026-11095CRITICALInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.3%CVE-2026-14382CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2022-38076LOWImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially EPSS 0.3%CVE-2026-25631MEDIUMDomain allowlist bypass enables credential exfiltrationEPSS 0.3%CVE-2019-1944MEDIUMCisco Adaptive Security Appliance Smart Tunnel VulnerabilitiesEPSS 0.3%CVE-2021-46767MEDIUMInsufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leadingEPSS 0.3%CVE-2024-23482HIGHZScalerService Local Privilege EscalationEPSS 0.3%CVE-2026-21689MEDIUMiccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cppEPSS 0.3%CVE-2021-3452MEDIUMA potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and eEPSS 0.3%CVE-2024-50560LOWA vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM EPSS 0.3%CVE-2026-54911MEDIUMUltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()EPSS 0.3%CVE-2024-42175LOWHCL MyXalytics is affected by a weak input validation vulnerabilityEPSS 0.3%CVE-2026-13866MEDIUMInappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the rEPSS 0.3%CVE-2021-38122MEDIUMCross-Site Scripting (XSS) in Advance AuthenticationEPSS 0.3%CVE-2026-56228MEDIUMCapgo - Denial of Service via Improper Password Policy Length ValidationEPSS 0.3%CVE-2026-13872CRITICALInsufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to EPSS 0.3%CVE-2026-13962MEDIUMInsufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer proceEPSS 0.3%CVE-2025-12946MEDIUMImproper input validation in NETGEAR Nighthawk routersEPSS 0.3%