Fallos del tipo CWE-20

4746 resultados
CVE-2025-5174MEDIUMerdogant pypickle pypickle.py load deserializationEPSS 0.3%CVE-2026-27607HIGHRustFS's Missing Post Policy Validation leads to Arbitrary Object WriteEPSS 0.3%CVE-2026-12246HIGHOut of bounds stack write with crafted APL RREPSS 0.3%CVE-2026-13877MEDIUMInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2026-13961MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convEPSS 0.3%CVE-2026-23839CRITICALMovary vulnerable to Cross-site Scripting with `?categoryUpdated=` paramEPSS 0.3%CVE-2026-5659MEDIUMpytries datrie trie File datrie.pyx Trie.__setstate__ deserializationEPSS 0.3%CVE-2021-0076MEDIUMImproper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operatiEPSS 0.3%CVE-2026-11255HIGHInsufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had cEPSS 0.3%CVE-2026-25723HIGHClaude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write RestrictionsEPSS 0.3%CVE-2025-58361CRITICALPromptcraft Forge Studio's incomplete URL check is vulnerable to XSS via SVGEPSS 0.3%CVE-2022-28190MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where imprEPSS 0.3%CVE-2022-30710HIGHImproper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.3%CVE-2022-30711HIGHImproper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.3%CVE-2026-11242HIGHInsufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2026-3545CRITICALInsufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbEPSS 0.3%CVE-2026-45291HIGHCloudburst Network erroneously handles invalid connectionsEPSS 0.3%CVE-2024-5533MEDIUMDivi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-54405HIGHA malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to EPSS 0.3%CVE-2021-34755MEDIUMCisco Firepower Threat Defense Software Command Injection VulnerabilitiesEPSS 0.3%