Fallos del tipo CWE-20
4753 resultadosCVE-2025-52620MEDIUMHCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-40458HIGHAn issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.EPSS 0.2%CVE-2025-4680HIGHImproper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Exploiting Incorrectly Configured AccEPSS 0.2%CVE-2025-43472HIGHA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS TEPSS 0.2%CVE-2023-26587HIGHImproper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation oEPSS 0.2%CVE-2024-52051HIGHA vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17EPSS 0.2%CVE-2026-0903MEDIUMInappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous fEPSS 0.2%CVE-2026-44379MEDIUMMISP: Improper UUID validation in MISP CollectionsEPSS 0.2%CVE-2024-33611MEDIUMImproper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow a privileged user to poEPSS 0.2%CVE-2026-11701MEDIUMInappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2025-12908MEDIUMInsufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perfEPSS 0.2%CVE-2026-11685MEDIUMInappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin EPSS 0.2%CVE-2021-25413—Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to acEPSS 0.2%CVE-2025-12284MEDIUMLack of Input ValidationEPSS 0.2%CVE-2021-25485HIGHPath traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT EPSS 0.2%CVE-2025-12001CRITICALIncorrect Content-Type HeaderEPSS 0.2%CVE-2026-51598MEDIUMAn input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n) allows an unauthenticateEPSS 0.2%CVE-2023-45176MEDIUMIBM App Connect Enterprise and IBM Integration Bus denial of serviceEPSS 0.2%CVE-2022-28126MEDIUMImproper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to poEPSS 0.2%CVE-2026-53537LOWPython-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parametersEPSS 0.2%