Weaknesses of type CWE-20

4,756 results
CVE-2026-13025HIGHRace in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially EPSS 0.2%CVE-2022-36339HIGHImproper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element mEPSS 0.2%CVE-2024-31154HIGHImproper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation oEPSS 0.2%CVE-2026-9982HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2024-31959HIGHAn issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native hanEPSS 0.2%CVE-2022-25976MEDIUMImproper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable deniEPSS 0.2%CVE-2026-13812MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who coEPSS 0.2%CVE-2026-11280MEDIUMInappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via aEPSS 0.2%CVE-2022-43875MEDIUMIBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of serviceEPSS 0.2%CVE-2021-25414Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbEPSS 0.2%CVE-2024-29074MEDIUMTelephony has an improper input validation vulnerabilityEPSS 0.2%CVE-2026-11034MEDIUMInsufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker toEPSS 0.2%CVE-2026-14073MEDIUMInsufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation rEPSS 0.2%CVE-2026-47201HIGHauthentik: XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated userEPSS 0.2%CVE-2022-20470HIGHIn bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input vEPSS 0.2%CVE-2024-22382HIGHImproper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged usEPSS 0.2%CVE-2024-28947HIGHImproper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow aEPSS 0.2%CVE-2026-33588HIGHArbitrary File Write Through Path TraversalEPSS 0.2%CVE-2026-14083MEDIUMInsufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scrEPSS 0.2%CVE-2026-9985MEDIUMInsufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had cEPSS 0.2%