Fallos del tipo CWE-20
4752 resultadosCVE-2022-1107MEDIUMDuring an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovereEPSS 0.3%CVE-2024-3938MEDIUMThe "reset password" login page accepted an HTML injection via URL parameters.
This has already been rectified via patch, and as such it caEPSS 0.3%CVE-2026-14055CRITICALInsufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.3%CVE-2026-4451HIGHInsufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromiEPSS 0.3%CVE-2026-44425MEDIUMShellHub: Crash-DoS via field injection in filter and sort-by parametersEPSS 0.3%CVE-2024-45301MEDIUMZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-0051MEDIUMIn multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This EPSS 0.3%CVE-2026-11066CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially performEPSS 0.3%CVE-2021-35531—Remote Code Execution in TXpert Hub CoreTec 4EPSS 0.3%CVE-2023-45167MEDIUMIBM AIX denial of serviceEPSS 0.3%CVE-2026-29135MEDIUMWebmail Password Tag Sanitization BypassEPSS 0.3%CVE-2025-53075MEDIUMImproper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.EPSS 0.3%CVE-2026-11659CRITICALInteger overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape vEPSS 0.3%CVE-2026-20256MEDIUMImproper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk EnterpriseEPSS 0.3%CVE-2026-47181HIGHPenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account TakeoverEPSS 0.3%CVE-2025-10460CRITICALUnsanitized parameter input leading to SQL Injection vulnerabilityEPSS 0.3%CVE-2026-56151MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2026-56306MEDIUMCapgo - Subkey Enforcement Bypass via x-limited-key-id Header ParsingEPSS 0.3%CVE-2026-20020MEDIUMA vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjEPSS 0.3%CVE-2026-14118MEDIUMInsufficient data validation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage inEPSS 0.3%