Falhas do tipo CWE-20
4.751 resultadosCVE-2025-61652LOWAction API discussiontoolspageinfo does not check for authorizeRead for the pageEPSS 0.3%CVE-2026-14411CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2024-23790LOWMissing file type check in avatar picture uploadEPSS 0.3%CVE-2026-14009HIGHInappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corrEPSS 0.3%CVE-2026-44425MEDIUMShellHub: Crash-DoS via field injection in filter and sort-by parametersEPSS 0.3%CVE-2026-4451HIGHInsufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromiEPSS 0.3%CVE-2026-11066CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially performEPSS 0.3%CVE-2024-3938MEDIUMThe "reset password" login page accepted an HTML injection via URL parameters.
This has already been rectified via patch, and as such it caEPSS 0.3%CVE-2026-13603CRITICALSSRF with API key leak in pretix-oppwaEPSS 0.3%CVE-2025-53075MEDIUMImproper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.EPSS 0.3%CVE-2023-45167MEDIUMIBM AIX denial of serviceEPSS 0.3%CVE-2026-20256MEDIUMImproper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk EnterpriseEPSS 0.3%CVE-2026-29135MEDIUMWebmail Password Tag Sanitization BypassEPSS 0.3%CVE-2026-11659CRITICALInteger overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape vEPSS 0.3%CVE-2022-24925MEDIUMImproper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denialEPSS 0.3%CVE-2024-36284MEDIUMImproper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enaEPSS 0.3%CVE-2026-56151MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2022-22423MEDIUMIBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service EPSS 0.3%CVE-2026-56306MEDIUMCapgo - Subkey Enforcement Bypass via x-limited-key-id Header ParsingEPSS 0.3%CVE-2026-14118MEDIUMInsufficient data validation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage inEPSS 0.3%