Fallos del tipo CWE-20
4751 resultadosCVE-2026-11689HIGHInsufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the rendEPSS 0.2%CVE-2026-31251HIGHCosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in EPSS 0.2%CVE-2025-67170MEDIUMA reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user'sEPSS 0.2%CVE-2022-36873MEDIUMImproper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC addressEPSS 0.2%CVE-2023-32469HIGH
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privilegesEPSS 0.2%CVE-2026-22220MEDIUMImproper Input Validation Leading to DoS on TP-Link Archer BE230EPSS 0.2%CVE-2026-33471CRITICALnimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncationEPSS 0.2%CVE-2026-27443HIGHS/MIME Decryption Tag Sanitization BypassEPSS 0.2%CVE-2026-11079HIGHInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of EPSS 0.2%CVE-2026-11070CRITICALInsufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who haEPSS 0.2%CVE-2025-43299MEDIUMA denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, macOS Sequoia 15.7, macOSEPSS 0.2%CVE-2023-42776LOWImproper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potenEPSS 0.2%CVE-2024-21949MEDIUMImproper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading toEPSS 0.2%CVE-2026-44337MEDIUMPraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queriesEPSS 0.2%CVE-2026-11198CRITICALInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perforEPSS 0.2%CVE-2026-11112CRITICALInsufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had EPSS 0.2%CVE-2026-7966LOWInsufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had comproEPSS 0.2%CVE-2026-9210MEDIUMCertain NETGEAR routers allow authenticated administrators to gain unintended control of the routerEPSS 0.2%CVE-2026-7968LOWInsufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2021-25465LOWAn improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack.EPSS 0.2%