Flaws of type CWE-20

4583 results
CVE-2023-29452 [MEDIUM] Remove possibility to add html into Geomap attribution field (EPSS 62.0%)
CVE-2020-3495 [CRITICAL] Cisco Jabber for Windows Message Handling Arbitrary Code Execution Vulnerability (EPSS 61.9%)
CVE-2020-3251 [CRITICAL] Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data (EPSS 61.5%)
CVE-2020-3250 [CRITICAL] Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data (EPSS 60.2%)
CVE-2024-48914 [CRITICAL] Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy (EPSS 59.8%)
CVE-2021-34427 In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (curre (EPSS 57.7%)
CVE-2022-29499 [CRITICAL] The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. (EPSS 57.0%, KEV)
CVE-2023-5044 [HIGH] Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation (EPSS 56.6%)
CVE-2019-11708 [CRITICAL] Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxe (EPSS 55.9%, KEV)
CVE-2018-0125 [CRITICAL] A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unaut (EPSS 54.8%, KEV)
CVE-2023-39456 [HIGH] Apache Traffic Server: Malformed http/2 frames can cause an abort (EPSS 53.5%)
CVE-2022-3736 [HIGH] named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries (EPSS 50.2%)
CVE-2022-31629 [MEDIUM] $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities (EPSS 49.3%)
CVE-2025-34300 [CRITICAL] Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE (EPSS 49.1%)
CVE-2022-46768 [MEDIUM] File name information disclosure vulnerability in Zabbix Web Service Report Generation (EPSS 47.8%)
CVE-2023-44355 [MEDIUM] ColdFusion | Improper Input Validation (CWE-20) (EPSS 47.2%)
CVE-2024-20017 [CRITICAL] In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no (EPSS 46.3%)
CVE-2019-15276 [HIGH] Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability (EPSS 46.3%)
CVE-2023-4357 [HIGH] Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access re (EPSS 45.9%)
CVE-2024-45802 [HIGH] Squid Denial of Service (EPSS 45.3%)