Falhas do tipo CWE-20
4.748 resultadosCVE-2024-13798MEDIUMPost Grid and Gutenberg Blocks – ComboBlocks <= 2.3.5 - Unauthenticated Paid Order CreationEPSS 0.3%CVE-2024-41945LOWThe fuels-ts typescript SDK has no awareness of to-be-spent transactionsEPSS 0.3%CVE-2026-4519HIGHwebbrowser.open() allows leading dashes in URLsEPSS 0.3%CVE-2026-21692HIGHiccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2024-4175MEDIUMImproper Input Validation vulnerability in Hyperion Web ServerEPSS 0.3%CVE-2026-35038LOWsignalk-server: Arbitrary Prototype Read via `from` Field BypassEPSS 0.3%CVE-2026-21693HIGHiccDEV has Type Confusion in CIccSegmentedCurveXml::ToXml() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2026-11013MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2026-21677HIGHiccDEV has Undefined Behavior in CIccCLUT::Init()EPSS 0.3%CVE-2026-14631MEDIUMwebpack-dev-server vulnerable to denial of service via a malformed Host or Origin headerEPSS 0.3%CVE-2026-10992MEDIUMInsufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive EPSS 0.3%CVE-2026-30760HIGHAn issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows attackers to manipulate arbitrary user data in the web app via a craftEPSS 0.3%CVE-2022-33719HIGHImproper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.EPSS 0.3%CVE-2026-21485HIGHiccDEV Undefined Behavior (UB) and Out of Memory in CIccProfile::LoadTag()EPSS 0.3%CVE-2026-11008MEDIUMInsufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had comprEPSS 0.3%CVE-2026-11007MEDIUMInsufficient validation of untrusted input in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had cEPSS 0.3%CVE-2026-10968HIGHInsufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compEPSS 0.3%CVE-2026-32990MEDIUMApache Tomcat: Fix for CVE-2025-66614 is incompleteEPSS 0.3%CVE-2026-32168HIGHAzure Monitor Agent Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2021-0072MEDIUMImproper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in WinEPSS 0.3%