Fallos del tipo CWE-346
379 resultadosCVE-2026-2611CRITICALImproper Origin Validation in mlflow/mlflowEPSS 0.3%CVE-2022-23763HIGHDOUZONE BIZON NeoRS file download and execute vulnerabilityEPSS 0.3%CVE-2024-51037MEDIUMAn issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password resEPSS 0.3%CVE-2022-3457LOWOrigin Validation Error in ikus060/rdiffwebEPSS 0.3%CVE-2025-21511HIGHVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.3%CVE-2023-3654CRITICALOrigin Check BypassEPSS 0.3%CVE-2026-42901CRITICALMicrosoft Entra ID Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2024-36472MEDIUMIn GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided bEPSS 0.3%CVE-2025-71217HIGHAn origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection mechanism could allow a local attacker to eEPSS 0.3%CVE-2025-1083LOWMindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policyEPSS 0.3%CVE-2024-10460MEDIUMThe origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects EPSS 0.3%CVE-2024-8024HIGHCORS Misconfiguration in netease-youdao/qanythingEPSS 0.3%CVE-2025-12245MEDIUMchatwoot Widget IFrameHelper.js initPostMessageCommunication origin validationEPSS 0.3%CVE-2024-5549HIGHData leak through CORS misconfiguration in stitionai/devikaEPSS 0.3%CVE-2025-30360MEDIUMwebpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browserEPSS 0.3%CVE-2022-29915MEDIUMThe Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affectEPSS 0.3%CVE-2025-24010MEDIUMVite allows any websites to send any requests to the development server and read the responseEPSS 0.3%CVE-2024-11602HIGHCORS Vulnerability in feast-dev/feastEPSS 0.3%CVE-2026-32634HIGHGlances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed ServersEPSS 0.3%CVE-2025-4515MEDIUMZylon PrivateGPT settings.yaml cross-domain policyEPSS 0.3%