Vulnerabilities of type CWE-1289

28 results
CVE-2024-45179 | HIGH | An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR web int | EPSS 2.6%
CVE-2026-48710 | MEDIUM | Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks | EPSS 1.4%
CVE-2026-33515 | MEDIUM | Squid has issues in ICP message handling | EPSS 1.0%
CVE-2022-0675 | MEDIUM | Puppet Firewall Module May Leave Unmanaged Rules | EPSS 0.9%
CVE-2024-8372 | MEDIUM | AngularJS improper sanitization in 'srcset' attribute | EPSS 0.6%
CVE-2024-45308 | MEDIUM | MySQL & free URL mode allows to hide existing notes in hedgedoc | EPSS 0.6%
CVE-2026-39821 | CRITICAL | Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna | EPSS 0.3%
CVE-2026-3563 | MEDIUM | Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with | EPSS 0.3%
CVE-2026-39972 | HIGH | Mercure has a Topic Selector Cache Key Collision | EPSS 0.3%
CVE-2026-27610 | HIGH | Parse Dashboard Has a Cache Key Collision that Leaks Master Key to Read-Only Sessions | EPSS 0.3%
CVE-2026-33496 | HIGH | Ory Oathkeeper has an authentication bypass by cache key confusion | EPSS 0.3%
CVE-2026-49942 | HIGH | Net::CIDR::Set versions through 0.20 for Perl did not validate network masks | EPSS 0.3%
CVE-2026-45190 | MEDIUM | Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass | EPSS 0.3%
CVE-2026-45191 | MEDIUM | Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass | EPSS 0.3%
CVE-2024-42219 | HIGH | 1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is | EPSS 0.3%
CVE-2026-41213 | MEDIUM | @node-oauth/oauth2-server: PKCE code_verifier ABNF not enforced in token exchange allows brute-force redemption of intercepted authorization codes | EPSS 0.3%
CVE-2026-50090 | CRITICAL | Aqara OAuth redirect_uri validation bypass | EPSS 0.3%
CVE-2026-47674 | MEDIUM | Hono: IP Restriction bypasses static deny rules for non-canonical IPv6 | EPSS 0.2%
CVE-2026-33729 | MEDIUM | OpenFGA has an Authorization Bypass through cached keys | EPSS 0.2%
CVE-2026-41239 | MEDIUM | DOMPurify has a SAFE_FOR_TEMPLATES bypass in RETURN_DOM mode | EPSS 0.2%