Fallos del tipo CWE-20
4752 resultadosCVE-2021-44454HIGHImproper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticateEPSS 0.3%CVE-2021-26316HIGHFailure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resultingEPSS 0.3%CVE-2026-48704HIGHWarp Markdown notebook links may open executable local filesEPSS 0.3%CVE-2025-66201HIGHLibreChat is Vulnerable to Server-Side Request Forgery (SSRF) in Actions CapabilityEPSS 0.3%CVE-2023-52368MEDIUMInput verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormallEPSS 0.3%CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%CVE-2026-34666MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-34670MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2022-28193MEDIUMNVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted daEPSS 0.3%CVE-2026-34688MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2024-21452HIGHImproper Input Validation in Automotive TelematicsEPSS 0.3%CVE-2021-20297—A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highesEPSS 0.3%CVE-2026-4451HIGHInsufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromiEPSS 0.3%CVE-2026-11066CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially performEPSS 0.3%CVE-2026-44425MEDIUMShellHub: Crash-DoS via field injection in filter and sort-by parametersEPSS 0.3%CVE-2026-13603CRITICALSSRF with API key leak in pretix-oppwaEPSS 0.3%CVE-2024-3938MEDIUMThe "reset password" login page accepted an HTML injection via URL parameters.
This has already been rectified via patch, and as such it caEPSS 0.3%CVE-2024-23790LOWMissing file type check in avatar picture uploadEPSS 0.3%CVE-2026-14009HIGHInappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corrEPSS 0.3%CVE-2022-1107MEDIUMDuring an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovereEPSS 0.3%