Fallos del tipo CWE-20
4748 resultadosCVE-2025-48985LOWA vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypEPSS 0.3%CVE-2021-0159HIGHImproper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enabEPSS 0.3%CVE-2024-7980HIGHInsufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege eEPSS 0.3%CVE-2026-13341HIGHPrompt Injection and Credential Exposure via Untrusted Analytics Data in Kong Konnect MCPEPSS 0.3%CVE-2026-11660HIGHInsufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had comproEPSS 0.3%CVE-2025-12842MEDIUMBooking Plugin for WordPress Appointments – Time Slot <= 1.4.7 - Unauthenticated Arbitrary Email SendingEPSS 0.3%CVE-2025-67493HIGHHomarr: missing input sanitization and possible privilege escalation through ldap search query injectionEPSS 0.3%CVE-2026-21864MEDIUMRemote DoS from malformed RESTORE commandEPSS 0.3%CVE-2021-26316HIGHFailure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resultingEPSS 0.3%CVE-2025-64176MEDIUMThinkDashboard: Arbitrary File Upload vulnerability in the Backup Import FeatureEPSS 0.3%CVE-2026-33948LOWjq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed InputEPSS 0.3%CVE-2021-44454HIGHImproper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticateEPSS 0.3%CVE-2026-30576HIGHA Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application faEPSS 0.3%CVE-2026-4987HIGHSureForms <= 2.5.2 - Unauthenticated Payment Amount Validation Bypass via 'form_id'EPSS 0.3%CVE-2025-66201HIGHLibreChat is Vulnerable to Server-Side Request Forgery (SSRF) in Actions CapabilityEPSS 0.3%CVE-2026-34688MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-34666MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-34670MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2023-52368MEDIUMInput verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormallEPSS 0.3%CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%