Falhas do tipo CWE-20
4.752 resultadosCVE-2025-13826HIGHIncorrect input validation on the Zervit portable HTTP/Web serverEPSS 0.3%CVE-2026-14078HIGHInsufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege EPSS 0.3%CVE-2026-44425MEDIUMShellHub: Crash-DoS via field injection in filter and sort-by parametersEPSS 0.3%CVE-2026-0051MEDIUMIn multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This EPSS 0.3%CVE-2022-1107MEDIUMDuring an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovereEPSS 0.3%CVE-2026-14009HIGHInappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corrEPSS 0.3%CVE-2026-14411CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2025-61652LOWAction API discussiontoolspageinfo does not check for authorizeRead for the pageEPSS 0.3%CVE-2026-14055CRITICALInsufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.3%CVE-2026-11659CRITICALInteger overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape vEPSS 0.3%CVE-2025-53075MEDIUMImproper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.EPSS 0.3%CVE-2026-20256MEDIUMImproper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk EnterpriseEPSS 0.3%CVE-2026-29135MEDIUMWebmail Password Tag Sanitization BypassEPSS 0.3%CVE-2023-45167MEDIUMIBM AIX denial of serviceEPSS 0.3%CVE-2022-22423MEDIUMIBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service EPSS 0.3%CVE-2026-47181HIGHPenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account TakeoverEPSS 0.3%CVE-2026-56151MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2026-20020MEDIUMA vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjEPSS 0.3%CVE-2022-24925MEDIUMImproper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denialEPSS 0.3%CVE-2025-10460CRITICALUnsanitized parameter input leading to SQL Injection vulnerabilityEPSS 0.3%