Weaknesses of type CWE-20
4,758 resultsCVE-2024-6978MEDIUMCato Networks Windows SDP Client Local root certificates can be installed by low-privileged usersEPSS 0.1%CVE-2025-33191MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploiEPSS 0.1%CVE-2025-20034MEDIUMImproper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the Intel(R) Server D50DNP and M50FCP boards before vEPSS 0.1%CVE-2023-21671CRITICALImproper Input Validation in CoreEPSS 0.1%CVE-2025-24308HIGHImproper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentEPSS 0.1%CVE-2024-43697LOWLiteos_a has an Improper Input Validation vulnerabilityEPSS 0.1%CVE-2025-24325CRITICALImproper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticEPSS 0.1%CVE-2024-13943HIGHTesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape VulnerabilityEPSS 0.1%CVE-2026-24345MEDIUMCross-Site Request Forgery in EZCast Pro II DongleEPSS 0.1%CVE-2025-26474LOWcommunication_ipc an improper input validation vulnerabilityEPSS 0.1%CVE-2022-20512HIGHIn navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation.EPSS 0.1%CVE-2025-32004LOWImproper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalatiEPSS 0.1%CVE-2022-28781HIGHImproper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. TEPSS 0.1%CVE-2025-58146CRITICALXAPI UTF-8 string handlingEPSS 0.1%CVE-2025-20031MEDIUMImproper input validation for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via locEPSS 0.1%CVE-2025-24484HIGHImproper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticEPSS 0.1%CVE-2026-12456MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a maEPSS 0.1%CVE-2026-12191HIGHComma AI Openpilot Pickle modeld.py pickle.loads deserializationEPSS 0.1%CVE-2025-20096MEDIUMImproper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adveEPSS 0.1%CVE-2022-27827HIGHImproper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.EPSS 0.1%