Fallos del tipo CWE-20
4751 resultadosCVE-2026-11207CRITICALInsufficient validation of untrusted input in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perfEPSS 0.2%CVE-2026-31805MEDIUMDiscourse has a poll authorization bypass via post_id array parameterEPSS 0.2%CVE-2025-31259HIGHA privacy issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS EPSS 0.2%CVE-2025-64747MEDIUMDirectus Vulnerable to Stored Cross-site ScriptingEPSS 0.2%CVE-2025-0178MEDIUMWatchGaurd Firebox Host Header Injection VulnerabilityEPSS 0.2%CVE-2025-61084HIGHMDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets (<>) in the From: header of SMTP DATA. EPSS 0.2%CVE-2025-12740HIGHRemote Command Execution in Looker via IBM DB2 JDBC driveEPSS 0.2%CVE-2026-56325LOWCapgo - App ID Confusion via ILIKE Wildcard in Preview Subdomain LookupEPSS 0.2%CVE-2023-2264MEDIUMImproper input validition could lead to code injectionEPSS 0.2%CVE-2025-12741HIGHArbitrary File Write in Denodo dialect of Looker allows Remote Code ExecutionEPSS 0.2%CVE-2026-28852MEDIUMA stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4EPSS 0.2%CVE-2022-33709—Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch aEPSS 0.2%CVE-2021-1519MEDIUMCisco AnyConnect Secure Mobility Client Profile Modification VulnerabilityEPSS 0.2%CVE-2025-46340HIGHMisskey CSS Style Injection Vulnerability In `MkUrlPreview`EPSS 0.2%CVE-2026-14116MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a useEPSS 0.2%CVE-2022-33708—Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch aEPSS 0.2%CVE-2024-56437MEDIUMVulnerability of input parameters not being verified in the widget framework module
Impact: Successful exploitation of this vulnerability maEPSS 0.2%CVE-2026-11666MEDIUMInsufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofinEPSS 0.2%CVE-2022-33710—Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launcEPSS 0.2%CVE-2026-42390MEDIUMZONEMD validation can be bypassedEPSS 0.2%