Fallos del tipo CWE-20
4749 resultadosCVE-2026-11066CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially performEPSS 0.3%CVE-2026-20256MEDIUMImproper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk EnterpriseEPSS 0.3%CVE-2026-11659CRITICALInteger overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape vEPSS 0.3%CVE-2025-53075MEDIUMImproper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.EPSS 0.3%CVE-2026-29135MEDIUMWebmail Password Tag Sanitization BypassEPSS 0.3%CVE-2023-45167MEDIUMIBM AIX denial of serviceEPSS 0.3%CVE-2025-10460CRITICALUnsanitized parameter input leading to SQL Injection vulnerabilityEPSS 0.3%CVE-2026-47181HIGHPenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account TakeoverEPSS 0.3%CVE-2026-56151MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2022-22423MEDIUMIBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service EPSS 0.3%CVE-2022-24925MEDIUMImproper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denialEPSS 0.3%CVE-2026-56306MEDIUMCapgo - Subkey Enforcement Bypass via x-limited-key-id Header ParsingEPSS 0.3%CVE-2024-36284MEDIUMImproper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enaEPSS 0.3%CVE-2026-14118MEDIUMInsufficient data validation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage inEPSS 0.3%CVE-2026-20020MEDIUMA vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjEPSS 0.3%CVE-2026-45013HIGHApostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input ValidationEPSS 0.3%CVE-2026-29143HIGHS/MIME Decryption ImpersonationEPSS 0.3%CVE-2024-27805MEDIUMAn issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and EPSS 0.3%CVE-2025-8414CRITICALZigbee Green Power Host Buffer Overflow VulnerabilityEPSS 0.2%CVE-2026-37458MEDIUMMissing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to causEPSS 0.2%