Falhas do tipo CWE-20

4.750 resultados
CVE-2026-11086HIGHInappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer procEPSS 0.3%CVE-2022-21933MEDIUMASUS VivoMini/Mini PC - improper input validationEPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2026-11022MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.3%CVE-2017-2614MEDIUMWhen updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password ifEPSS 0.3%CVE-2026-14087HIGHHeap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer EPSS 0.3%CVE-2026-58292HIGHMicrosoft Edge (Chromium-based) Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-66866MEDIUMAn issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafEPSS 0.3%CVE-2026-22700HIGHRustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKEEPSS 0.3%CVE-2026-13706NONEUrlShortener extension url validation can be bypassed due to difference between php url parsing and WHATWGEPSS 0.3%CVE-2024-4028LOWKeycloak-core: stored xss in keycloak when creating a items in admin consoleEPSS 0.3%CVE-2024-23294HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to cEPSS 0.3%CVE-2026-46679HIGHlibp2p: Memory DoS via subscription flood of unique topicsEPSS 0.3%CVE-2026-36501HIGHAn issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafEPSS 0.3%CVE-2025-59886HIGHImproper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access tEPSS 0.3%CVE-2026-49475HIGHFreeSWITCH: Out-of-bounds memory access in core STUN attribute parsingEPSS 0.3%CVE-2025-23204MEDIUMGraphQl securityAfterResolver not calledEPSS 0.3%CVE-2025-5992LOWPassing values outside of expected range to QColorTransferGenericFunction can cause a denial of serviceEPSS 0.3%CVE-2025-57835HIGHAn issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330EPSS 0.3%CVE-2026-26935MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%