Falhas do tipo CWE-20

4.749 resultados
CVE-2020-11850HIGHCross site scripting vulnerability in Self Service Password ResetEPSS 0.3%CVE-2026-10920HIGHInsufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compEPSS 0.3%CVE-2026-10911HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2026-10917HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2022-27835HIGHImproper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.EPSS 0.3%CVE-2026-44518MEDIUMliboqs: XMSS Buffer Overread BugEPSS 0.3%CVE-2025-27599MEDIUMElement X Android vulnerable to loading malicious web pages via received intentEPSS 0.3%CVE-2024-12353MEDIUMSourceCodester Phone Contact Manager System User Menu MenuDisplayStart input validationEPSS 0.3%CVE-2026-28907HIGHThe issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOEPSS 0.3%CVE-2025-11273MEDIUMLaChatterie Verger provider.ts redirectToAuthorization deserializationEPSS 0.3%CVE-2026-45565HIGHRoxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)EPSS 0.3%CVE-2026-30523MEDIUMA Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to the lack of proper input validation. The applicatEPSS 0.3%CVE-2026-27913HIGHWindows BitLocker Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-10922HIGHInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a useEPSS 0.3%CVE-2026-2750CRITICALCommand Injection via CLAPI generatetrapsEPSS 0.3%CVE-2026-5879HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbiEPSS 0.3%CVE-2023-28981MEDIUMJunos OS and Junos OS Evolved: If malformed IPv6 router advertisements are received, memory corruption will occur which causes an rpd crashEPSS 0.3%CVE-2026-47369CRITICALA malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain deEPSS 0.3%CVE-2026-13891HIGHInsufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2022-22230MEDIUMJunos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAsEPSS 0.3%