Fallos del tipo CWE-20

4749 resultados
CVE-2021-4211MEDIUMA potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdEPSS 0.2%CVE-2021-4210MEDIUMA potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models maEPSS 0.2%CVE-2025-55006MEDIUMFrappe Learning Holds Potential for Malicious SVG Upload in Image Upload FeatureEPSS 0.2%CVE-2021-4212MEDIUMA potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacEPSS 0.2%CVE-2026-14066MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypEPSS 0.2%CVE-2026-34086LOWAbuseFilter misuses ::userCanBitfield, exposing access-controlled informationEPSS 0.2%CVE-2026-49086MEDIUMApache Camel Dapr: Pub/Sub consumer copied the inbound CloudEvent's pub/sub-name and topic into producer-direction routing headers, allowing an actor who can publish to the subscribed topic to influence internal behaviourEPSS 0.2%CVE-2021-26321Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.EPSS 0.2%CVE-2023-24579HIGHMcAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.EPSS 0.2%CVE-2026-39417MEDIUMMaxKB: RCE via MCP stdio command injection in workflow engineEPSS 0.2%CVE-2026-21686HIGHiccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()EPSS 0.2%CVE-2026-21684HIGHiccDEV has Undefined Behavior in CIccTagSpectralViewingConditions()EPSS 0.2%CVE-2026-7345HIGHInsufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromiseEPSS 0.2%CVE-2026-11105MEDIUMInsufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2021-3719MEDIUMA potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some EPSS 0.2%CVE-2022-22287LOWAbitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.EPSS 0.2%CVE-2026-21691MEDIUMiccDEV has Type Confusion in CIccTag:IsTypeCompressed()EPSS 0.2%CVE-2023-20528LOWInsufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leadinEPSS 0.2%CVE-2026-7915MEDIUMInsufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation rEPSS 0.2%CVE-2026-21685HIGHiccDEV has Undefined Behavior in CIccTagLut16::Read()EPSS 0.2%