Falhas do tipo CWE-20

4.753 resultados
CVE-2026-6231MEDIUMbson_validate may skip validation when processing certain inputsEPSS 0.2%CVE-2026-9982HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-9977HIGHInsufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who hadEPSS 0.2%CVE-2026-11280MEDIUMInappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via aEPSS 0.2%CVE-2022-43875MEDIUMIBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of serviceEPSS 0.2%CVE-2021-25414Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbEPSS 0.2%CVE-2024-22382HIGHImproper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged usEPSS 0.2%CVE-2026-14083MEDIUMInsufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scrEPSS 0.2%CVE-2024-28947HIGHImproper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow aEPSS 0.2%CVE-2026-33588HIGHArbitrary File Write Through Path TraversalEPSS 0.2%CVE-2026-11034MEDIUMInsufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker toEPSS 0.2%CVE-2026-9985MEDIUMInsufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had cEPSS 0.2%CVE-2026-14073MEDIUMInsufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation rEPSS 0.2%CVE-2022-20470HIGHIn bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input vEPSS 0.2%CVE-2026-11259MEDIUMInsufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin pEPSS 0.2%CVE-2026-51599CRITICALAn insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticaEPSS 0.2%CVE-2024-29074MEDIUMTelephony has an improper input validation vulnerabilityEPSS 0.2%CVE-2026-27170HIGHOpenSift: SSRF risk in URL ingestion endpointEPSS 0.2%CVE-2026-21501MEDIUMStack Overflow in iccDEV Calculator ParserEPSS 0.2%CVE-2025-11226HIGHConditional processing of logback.xml configuration file, in conjuction with Spring Framework and JaninoEPSS 0.2%