Weaknesses of type CWE-20
4,784 resultsCVE-2025-32323HIGHIn getCallingAppName of Shared.java, there is a possible way to trick users into granting file access via deceptive text in a permission popEPSS 0.1%CVE-2025-48624HIGHIn multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local eEPSS 0.1%CVE-2025-36932HIGHIn tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc.c, there is a possible memory overwrite due to improper input validatiEPSS 0.1%CVE-2025-48644MEDIUMIn multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial ofEPSS 0.1%CVE-2025-36920HIGHIn hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead tEPSS 0.1%CVE-2025-48537HIGHIn multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local infEPSS 0.1%CVE-2024-32903HIGHIn prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead EPSS 0.1%CVE-2025-48559MEDIUMIn multiple functions of AppOpsService.java, there is a possible add a large amount of app ops due to improper input validation. This could EPSS 0.1%CVE-2025-11195LOWRapid7 AppSpider Project Name Validation BypassEPSS 0.1%CVE-2025-48643HIGHIn multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of priviEPSS 0.1%CVE-2025-36929MEDIUMIn AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to loEPSS 0.1%CVE-2026-11158HIGHInsufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentialEPSS 0.1%CVE-2025-48556HIGHIn multiple methods of NotificationChannel.java, there is a possible desynchronization from persistence due to improper input validation. ThEPSS 0.1%CVE-2022-33703HIGHImproper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.EPSS 0.1%CVE-2025-48541HIGHIn onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user profiles due to improper input validation. EPSS 0.1%CVE-2024-32907HIGHIn memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. This could lead to local escalation of priEPSS 0.1%CVE-2023-48354MEDIUMIn telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execEPSS 0.1%CVE-2023-48346MEDIUMIn video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution priEPSS 0.1%CVE-2025-47314HIGHImproper Input Validation in Automotive Software platform based on QNXEPSS 0.1%CVE-2025-48594HIGHIn onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion application privileges after disassociation EPSS 0.1%