Falhas do tipo CWE-20
4.751 resultadosCVE-2026-10912MEDIUMInsufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisEPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2026-41670HIGHAdmidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequestEPSS 0.3%CVE-2021-1454MEDIUMCisco IOS XE SD-WAN Software Parameter Injection VulnerabilitiesEPSS 0.3%CVE-2026-11016MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2025-66866MEDIUMAn issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafEPSS 0.3%CVE-2026-22700HIGHRustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKEEPSS 0.3%CVE-2026-14087HIGHHeap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer EPSS 0.3%CVE-2026-58292HIGHMicrosoft Edge (Chromium-based) Remote Code Execution VulnerabilityEPSS 0.3%CVE-2024-39606MEDIUMImproper input validation in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unEPSS 0.3%CVE-2025-59886HIGHImproper input validation at one of the endpoints of Eaton xComfort ECI's
web interface, could lead into an attacker with network access tEPSS 0.3%CVE-2026-26935MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2024-23294HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to cEPSS 0.3%CVE-2025-64759HIGHHomarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG UploadEPSS 0.3%CVE-2026-49475HIGHFreeSWITCH: Out-of-bounds memory access in core STUN attribute parsingEPSS 0.3%CVE-2026-46679HIGHlibp2p: Memory DoS via subscription flood of unique topicsEPSS 0.3%CVE-2026-36501HIGHAn issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafEPSS 0.3%CVE-2025-23204MEDIUMGraphQl securityAfterResolver not calledEPSS 0.3%CVE-2024-4028LOWKeycloak-core: stored xss in keycloak when creating a items in admin consoleEPSS 0.3%CVE-2025-57835HIGHAn issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330EPSS 0.3%