Fallos del tipo CWE-20
4743 resultadosCVE-2025-21370HIGHWindows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2025-66923HIGHA Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3.4.1 allows remote attackers to injecEPSS 0.5%CVE-2024-50343LOWIncorrect response from Validator when input ends with `\n` in symfony/validatorEPSS 0.5%CVE-2024-25656MEDIUMImproper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer PremisEPSS 0.5%CVE-2025-66921HIGHA Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inEPSS 0.5%CVE-2023-23409MEDIUMClient Server Run-Time Subsystem (CSRSS) Information Disclosure VulnerabilityEPSS 0.5%CVE-2025-6279MEDIUMUpsonic Pickle add_tool cloudpickle.loads deserializationEPSS 0.5%CVE-2023-32463LOW
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticateEPSS 0.5%CVE-2023-31011MEDIUMNVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploitEPSS 0.5%CVE-2025-2376MEDIUMviames Pair Framework PHP Object UserRemember.php getCookieContent deserializationEPSS 0.5%CVE-2024-30110LOWLack of input validation vulnerability affects DRYiCE AEX v10EPSS 0.5%CVE-2026-45685HIGHOpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messagesEPSS 0.5%CVE-2025-34047HIGHLeadsec VPN Path Traversal Arbitrary File ReadEPSS 0.5%CVE-2025-29955MEDIUMWindows Hyper-V Denial of Service VulnerabilityEPSS 0.5%CVE-2025-69251MEDIUMfree5GC has Improper Input Validation in UDM, Leading to Information ExposureEPSS 0.5%CVE-2024-26290HIGHAuthenticated Remote Command Injection affecting Avid NEXISEPSS 0.5%CVE-2024-43115HIGHApache DolphinScheduler: Alert Script AttackEPSS 0.5%CVE-2021-44545MEDIUMImproper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentialEPSS 0.5%CVE-2025-12305MEDIUMquequnlong shiyi-blog Job SysJobController.java deserializationEPSS 0.5%CVE-2025-34123HIGHVideoCharge Studio 2.12.3.685 SEH Buffer Overflow via .VSC FileEPSS 0.5%