Fallos del tipo CWE-20

4748 resultados
CVE-2026-3460MEDIUMREST API TO MiniProgram <= 5.1.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'userid' REST API ParameterEPSS 0.3%CVE-2026-42459HIGHfree5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udmEPSS 0.3%CVE-2023-33103HIGHImproper Input Validation in Multi-Mode Call ProcessorEPSS 0.3%CVE-2023-33104HIGHImproper input Validation in Multi-Mode Call ProcessorEPSS 0.3%CVE-2020-16237LOWPhilips SureSigns VS4 Improper Input ValidationEPSS 0.3%CVE-2020-1619MEDIUMJunos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulnerability in NG-RE.EPSS 0.3%CVE-2023-32480MEDIUM Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerabilEPSS 0.3%CVE-2025-10630MEDIUMRegex DoS in Grafana Zabbix PluginEPSS 0.3%CVE-2022-46701HIGHThe issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. ConnectEPSS 0.3%CVE-2025-40593HIGHA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storiEPSS 0.3%CVE-2026-27585MEDIUMCaddy's improper sanitization of glob characters in file matcher may lead to bypassing security protectionsEPSS 0.3%CVE-2023-41781MEDIUMXSS Vulnerability in ZTE MF258 ProductsEPSS 0.3%CVE-2025-59535MEDIUMDotNetNuke.Core allows loading of unused themes on anonymous clients through query parametersEPSS 0.3%CVE-2023-25859HIGHAdobe Illustrator Improper Input Validation Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-23336MEDIUMNVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading aEPSS 0.3%CVE-2023-44183MEDIUMJunos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur.EPSS 0.3%CVE-2018-10497This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. AnEPSS 0.3%CVE-2026-3470LOWA vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowiEPSS 0.3%CVE-2018-10499This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.EPSS 0.3%CVE-2021-20268An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF scrEPSS 0.3%