Weaknesses of type CWE-20

4,760 results
CVE-2025-52347HIGHAn issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 BuEPSS 0.1%CVE-2024-51519MEDIUMVulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2024-51529MEDIUMData verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.EPSS 0.1%CVE-2023-20932LOWIn onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input valEPSS 0.1%CVE-2021-25468MEDIUMA possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to readEPSS 0.1%CVE-2021-25453MEDIUMSome improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information.EPSS 0.1%CVE-2022-33704HIGHImproper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activitiEPSS 0.1%CVE-2026-21495MEDIUMDivision by Zero in iccDEV TIFF Image ReaderEPSS 0.1%CVE-2024-23706HIGHIn multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local eEPSS 0.1%CVE-2024-0022MEDIUMIn multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another usEPSS 0.1%CVE-2025-62816MEDIUMAn issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP iEPSS 0.1%CVE-2026-0238LOWBroker VM: Improper Input Validation in Broker VM Certificate and Key FieldsEPSS 0.1%CVE-2023-22382HIGHImproper Input Validation in AutomotiveEPSS 0.1%CVE-2025-29936HIGHImproper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentiEPSS 0.1%CVE-2022-27833MEDIUMImproper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.EPSS 0.1%CVE-2026-13849HIGHInsufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to poteEPSS 0.1%CVE-2026-8005MEDIUMInsufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment EPSS 0.1%CVE-2021-25512MEDIUMAn improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.EPSS 0.1%CVE-2024-33031MEDIUMImproper Input Validation in RILEPSS 0.1%CVE-2022-36850MEDIUMPath traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid.EPSS 0.1%