Fallos del tipo CWE-20

4743 resultados
CVE-2024-27613HIGHNumbas editor before 7.3 mishandles reading of themes and extensions.EPSS 0.5%CVE-2026-31900HIGHBlack's vulnerable version parsing leads to RCE in GitHub ActionEPSS 0.5%CVE-2024-7974HIGHInsufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruptEPSS 0.5%CVE-2023-21558HIGHWindows Error Reporting Service Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2023-21767HIGHWindows Overlay Filter Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2025-0423MEDIUMMultiple Unauthenticated Stored Cross-Site ScriptingEPSS 0.5%CVE-2020-3487HIGHCisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service VulnerabilitiesEPSS 0.5%CVE-2021-25738MEDIUMCode exec via yaml parsingEPSS 0.5%CVE-2025-59952HIGHminio-java Client XML Tag is Vulnerable to Value SubstitutionEPSS 0.5%CVE-2025-59190MEDIUMWindows Search Service Denial of Service VulnerabilityEPSS 0.5%CVE-2025-2043MEDIUMLinZhaoguan pb-cms Add New Topic admin#themes deserializationEPSS 0.5%CVE-2021-39263MEDIUMA crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < EPSS 0.5%CVE-2022-38408HIGHAdobe Illustrator Improper Input Validation Arbitrary code executionEPSS 0.5%CVE-2020-3428HIGHCisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service VulnerabilityEPSS 0.5%CVE-2025-6625HIGHCWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to theEPSS 0.5%CVE-2020-3434MEDIUMCisco AnyConnect Secure Mobility Client for Windows Denial of Service VulnerabilityEPSS 0.5%CVE-2021-39256MEDIUMA crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.EPSS 0.5%CVE-2025-36114MEDIUMIBM QRadar SOAR Plugin App path traversalEPSS 0.5%CVE-2020-12521MEDIUMPhoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack.EPSS 0.5%CVE-2021-25682HIGHapport improperly parses /proc/pid/statusEPSS 0.5%