Fallos del tipo CWE-703
150 resultadosCVE-2025-70758HIGHchetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The apEPSS 0.6%CVE-2021-3329CRITICALDOS: Incorrect handling of the initial HCI ACL_MTU handshake packet leads to crash of bluetooth host layerEPSS 0.6%CVE-2023-28965MEDIUMJunos OS: QFX10002: Failure of storm control feature may lead to Denial of ServiceEPSS 0.6%CVE-2019-11245MEDIUMkubelet-started container uid changes to root after first restart or if image is already pulled to the nodeEPSS 0.6%CVE-2021-25380MEDIUMImproper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the useEPSS 0.6%CVE-2022-23002MEDIUMPoint Compression/Decompression of NIST P-256 points with X coordinate of zeroEPSS 0.6%CVE-2022-23004MEDIUMAlgorithm incorrectly returning error and Invalid unreduced value written to output bufferEPSS 0.6%CVE-2022-23003MEDIUMShared secret or Point multiplication of NIST P-256 points with X coordinate of zeroEPSS 0.6%CVE-2024-31883MEDIUMIBM Security Verify Access denial of serviceEPSS 0.6%CVE-2024-27832CRITICALThe issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, wEPSS 0.6%CVE-2022-34472MEDIUMIf there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrecEPSS 0.6%CVE-2024-21629MEDIUMErroneous handling of `record_external_operation` error returnEPSS 0.6%CVE-2023-35867MEDIUMAn improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker toEPSS 0.6%CVE-2023-34348HIGHImproper Check or Handling of Exceptional Conditions in Aveva PI Server EPSS 0.6%CVE-2024-21525HIGHAll versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the sourcEPSS 0.5%CVE-2025-43458MEDIUMThis issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iEPSS 0.5%CVE-2025-59531HIGHUnauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payloadEPSS 0.5%CVE-2025-59538HIGHArgo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhookEPSS 0.5%CVE-2025-59836MEDIUMOmni is Vulnerable to DoS via Empty Create/Update Resource RequestsEPSS 0.5%CVE-2023-36831HIGHJunos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is appliedEPSS 0.5%