Falhas do tipo CWE-20
4.753 resultadosCVE-2025-32073MEDIUMSystem message XSS in HTMLTagsEPSS 0.2%CVE-2026-8528MEDIUMInsufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had comprEPSS 0.2%CVE-2025-54368MEDIUMuv is vulnerable to ZIP payload obfuscation through parsing differentialsEPSS 0.2%CVE-2026-54299HIGHAstro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)EPSS 0.2%CVE-2025-32070MEDIUMXSSes in AJAXPollEPSS 0.2%CVE-2023-22662MEDIUMImproper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board S2600BP products may allow a privileged user tEPSS 0.2%CVE-2026-22567HIGHZIA Admin UI Input Validation BugEPSS 0.2%CVE-2023-42977HIGHA path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be abEPSS 0.2%CVE-2026-8538MEDIUMInsufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2026-11213CRITICALInsufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromEPSS 0.2%CVE-2024-31153MEDIUMImproper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentiaEPSS 0.2%CVE-2026-21272HIGHDreamweaver Desktop | Improper Input Validation (CWE-20)EPSS 0.2%CVE-2022-48189MEDIUMAn SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privEPSS 0.2%CVE-2023-38719MEDIUMIBM Db2 denial of serviceEPSS 0.2%CVE-2025-58759MEDIUMTinyEnv: Inline comments not stripped properly in .env valuesEPSS 0.2%CVE-2026-5915HIGHInsufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bEPSS 0.2%CVE-2025-52451HIGHImproper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modEPSS 0.2%CVE-2026-20685MEDIUMAn attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved vaEPSS 0.2%CVE-2026-13990MEDIUMInsufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.2%CVE-2025-31966LOWBoolean-Based SQL Injection in Multiple Unica ComponentsEPSS 0.2%