Fallos del tipo CWE-704
77 resultadosCVE-2025-54429MEDIUMPolkadot Frontier's constructing smart contract can bypass precompile address boundingEPSS 0.4%CVE-2026-44324MEDIUMfree5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)EPSS 0.4%CVE-2026-27809MEDIUMpsd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gapsEPSS 0.4%CVE-2022-41911MEDIUMInvalid char to bool conversion when printing a tensor in TensorflowEPSS 0.4%CVE-2026-44223MEDIUMvLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parametersEPSS 0.4%CVE-2025-1057MEDIUMKeylime: keylime registrar dos due to incompatible database entry handlingEPSS 0.4%CVE-2024-36735MEDIUMOneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.EPSS 0.4%CVE-2026-25518MEDIUMcert-manager-controller DoS via Specially Crafted DNS ResponseEPSS 0.3%CVE-2023-33101HIGHIncorrect Type Conversion or Cast in Multi-Mode Call ProcessorEPSS 0.3%CVE-2021-4456MEDIUMNet::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impactEPSS 0.3%CVE-2026-21692HIGHiccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2025-71002MEDIUMA floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) viEPSS 0.3%CVE-2026-34379HIGHOpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)EPSS 0.3%CVE-2023-7345MEDIUMLedger Live hw-app-eth EIP-712 Message Parsing Integer TruncationEPSS 0.3%CVE-2026-48140HIGHUnchecked enum cast vulnerability in NI grpc-device in BeginSidebandStreamEPSS 0.3%CVE-2026-25503HIGHiccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate()EPSS 0.3%CVE-2026-42576MEDIUMapko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discoveryEPSS 0.3%CVE-2024-35303HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (AllEPSS 0.3%CVE-2026-25613HIGHAn unsafe cast in the MongoDB query planner can result in a segmentation fault.EPSS 0.2%CVE-2025-13720HIGHBad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentiallyEPSS 0.2%