Falhas do tipo CWE-20

4.751 resultados
CVE-2026-33948LOWjq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed InputEPSS 0.3%CVE-2026-4987HIGHSureForms <= 2.5.2 - Unauthenticated Payment Amount Validation Bypass via 'form_id'EPSS 0.3%CVE-2025-66201HIGHLibreChat is Vulnerable to Server-Side Request Forgery (SSRF) in Actions CapabilityEPSS 0.3%CVE-2023-52368MEDIUMInput verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormallEPSS 0.3%CVE-2026-34670MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-34688MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2022-28193MEDIUMNVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted daEPSS 0.3%CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%CVE-2026-34666MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-48704HIGHWarp Markdown notebook links may open executable local filesEPSS 0.3%CVE-2024-21452HIGHImproper Input Validation in Automotive TelematicsEPSS 0.3%CVE-2021-20297A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highesEPSS 0.3%CVE-2026-14411CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2024-23790LOWMissing file type check in avatar picture uploadEPSS 0.3%CVE-2024-3938MEDIUMThe "reset password" login page accepted an HTML injection via URL parameters. This has already been rectified via patch, and as such it caEPSS 0.3%CVE-2026-14106CRITICALInsufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compEPSS 0.3%CVE-2025-61652LOWAction API discussiontoolspageinfo does not check for authorizeRead for the pageEPSS 0.3%CVE-2021-35531Remote Code Execution in TXpert Hub CoreTec 4EPSS 0.3%CVE-2026-14009HIGHInappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corrEPSS 0.3%CVE-2026-14055CRITICALInsufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.3%