Falhas do tipo CWE-20

4.743 resultados
CVE-2026-22255HIGHiccDEV has heap-buffer-overflow in CIccCLUT::Init() at IccProfLib/IccTagLut.cppEPSS 0.4%CVE-2024-3676HIGHThe Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unEPSS 0.4%CVE-2022-40276MEDIUMZettlr version 2.3.0 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious maEPSS 0.4%CVE-2026-24204MEDIUMNVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit EPSS 0.4%CVE-2026-48922HIGHJenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does not properly sanitize file names for file and zip file credentials, aEPSS 0.4%CVE-2026-42812CRITICALApache Polaris: No protection on `write.metadata.path`EPSS 0.4%CVE-2025-23041MEDIUMShort and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.FormsEPSS 0.4%CVE-2026-43944CRITICALelecterm: dangerous code can be run through links or command lineEPSS 0.4%CVE-2025-41379MEDIUMInjection vulnerability in Iridium Certus 700EPSS 0.4%CVE-2025-66902HIGHAn input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpectEPSS 0.4%CVE-2025-24002MEDIUMMQTT DoS Vulnerability in German EV Charging StationsEPSS 0.4%CVE-2019-15959MEDIUMCisco Small Business SPA500 Series IP Phones Local Script Execution VulnerabilityEPSS 0.4%CVE-2026-48188CRITICALSQL Injection via MySQL Quote MethodEPSS 0.4%CVE-2022-39017HIGHXSS in all comments fields in M-Files HubshareEPSS 0.4%CVE-2023-21631HIGHImproper Input Validation in ModemEPSS 0.4%CVE-2022-36859MEDIUMImproper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victimEPSS 0.4%CVE-2025-66960HIGHAn issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads EPSS 0.4%CVE-2025-13587MEDIUMTwo Factor (2FA) Authentication via Email <= 1.9.8 - Two-Factor Authentication Bypass via tokenEPSS 0.4%CVE-2026-11046HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.4%CVE-2026-6409HIGHDenial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted inputEPSS 0.4%