Falhas do tipo CWE-20

4.753 resultados
CVE-2025-5173MEDIUMHumanSignal label-studio-ml-backend PT File neural_nets.py load deserializationEPSS 0.2%CVE-2025-43482MEDIUMThe issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. EPSS 0.2%CVE-2025-35990HIGHImproper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User ApplicationsEPSS 0.2%CVE-2023-40394LOWThe issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be abEPSS 0.2%CVE-2026-5887MEDIUMInsufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypaEPSS 0.2%CVE-2023-44110Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability.EPSS 0.2%CVE-2022-30542HIGHImproper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System EPSS 0.2%CVE-2024-21871HIGHImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privEPSS 0.2%CVE-2026-14137MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who coEPSS 0.2%CVE-2022-42477MEDIUMAn improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may EPSS 0.2%CVE-2025-54564HIGHuploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution EPSS 0.2%CVE-2026-11240LOWInsufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-11251LOWInsufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2022-28699HIGHImproper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via EPSS 0.2%CVE-2024-0127HIGHNVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of thEPSS 0.2%CVE-2022-23403MEDIUMImproper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2026-7993MEDIUMInsufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had EPSS 0.2%CVE-2026-8536LOWInsufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had EPSS 0.2%CVE-2026-7947MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised EPSS 0.2%CVE-2026-34762LOWElla Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubscriberEPSS 0.2%