Falhas do tipo CWE-20
4.749 resultadosCVE-2025-24501MEDIUMAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.EPSS 0.3%CVE-2025-44526MEDIUMRealtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low EPSS 0.3%CVE-2026-22046HIGHiccDEV has heap-buffer-overflow in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cppEPSS 0.3%CVE-2026-40068HIGHClaude Code arbitrary code execution via git worktree commondir trust dialog bypassEPSS 0.3%CVE-2021-3599MEDIUMA potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local EPSS 0.3%CVE-2026-31192MEDIUMInsufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitivEPSS 0.3%CVE-2025-59187HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-13875MEDIUMInsufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had comprEPSS 0.3%CVE-2025-6240MEDIUMProfisee Path Traversal VulnerabilityEPSS 0.3%CVE-2026-45392HIGHDOM-based XSS in Cribl StreamEPSS 0.3%CVE-2022-26707MEDIUMAn issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A userEPSS 0.3%CVE-2025-66451MEDIUMLibreChat's Improper Input Validation in Prompt Creation API Enables Unauthorized Permission ChangesEPSS 0.3%CVE-2021-22484HIGHSome Huawei wearables have a vulnerability of not verifying the actual data size when reading data.
Successful exploitation of this vulnEPSS 0.3%CVE-2026-11086HIGHInappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer procEPSS 0.3%CVE-2023-42981MEDIUMProcessing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was adEPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2026-10912MEDIUMInsufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisEPSS 0.3%CVE-2022-21933MEDIUMASUS VivoMini/Mini PC - improper input validationEPSS 0.3%CVE-2026-41670HIGHAdmidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequestEPSS 0.3%CVE-2026-11022MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.3%