Fallos del tipo CWE-20

4749 resultados
CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%CVE-2022-28193MEDIUMNVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted daEPSS 0.3%CVE-2021-20297A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highesEPSS 0.3%CVE-2024-21452HIGHImproper Input Validation in Automotive TelematicsEPSS 0.3%CVE-2024-3938MEDIUMThe "reset password" login page accepted an HTML injection via URL parameters. This has already been rectified via patch, and as such it caEPSS 0.3%CVE-2021-35531Remote Code Execution in TXpert Hub CoreTec 4EPSS 0.3%CVE-2026-14055CRITICALInsufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.3%CVE-2026-14411CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2024-45301MEDIUMZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-13826HIGHIncorrect input validation on the Zervit portable HTTP/Web serverEPSS 0.3%CVE-2026-11066CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially performEPSS 0.3%CVE-2026-14106CRITICALInsufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compEPSS 0.3%CVE-2024-23790LOWMissing file type check in avatar picture uploadEPSS 0.3%CVE-2026-0051MEDIUMIn multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This EPSS 0.3%CVE-2026-14009HIGHInappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corrEPSS 0.3%CVE-2026-13603CRITICALSSRF with API key leak in pretix-oppwaEPSS 0.3%CVE-2026-14078HIGHInsufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege EPSS 0.3%CVE-2026-4451HIGHInsufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromiEPSS 0.3%CVE-2022-1107MEDIUMDuring an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovereEPSS 0.3%CVE-2025-61652LOWAction API discussiontoolspageinfo does not check for authorizeRead for the pageEPSS 0.3%