Fallos del tipo CWE-20

4749 resultados
CVE-2023-34431HIGHImproper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilEPSS 0.2%CVE-2022-1108MEDIUMA potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could beEPSS 0.2%CVE-2020-12961A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the EPSS 0.2%CVE-2024-54011MEDIUMMissing Error/Exception HandlingEPSS 0.2%CVE-2024-24582HIGHImproper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable eEPSS 0.2%CVE-2026-34207HIGHTypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request ValidationEPSS 0.2%CVE-2026-13602HIGHSession takeover vulnerabilityEPSS 0.2%CVE-2026-4538MEDIUMPyTorch pt2 Loading deserializationEPSS 0.2%CVE-2022-30712HIGHImproper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.2%CVE-2022-28611MEDIUMImproper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to poEPSS 0.2%CVE-2023-48368MEDIUMImproper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of servicEPSS 0.2%CVE-2024-25010HIGHEricsson RAN Compute and Site Controller 6610 - Improper Input Validation VulnerabilityEPSS 0.2%CVE-2026-14122HIGHInsufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker toEPSS 0.2%CVE-2025-24785MEDIUMiTop dashboard vulnerable to denial of serviceEPSS 0.2%CVE-2024-31965MEDIUMA vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 ConferenEPSS 0.2%CVE-2025-8007HIGHRockwell Automation 1756-ENT2R, EN4TR, EN4TRXT VulnerabilityEPSS 0.2%CVE-2024-20406HIGHCisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service VulnerabilityEPSS 0.2%CVE-2026-13959MEDIUMInsufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin EPSS 0.2%CVE-2026-21687HIGHiccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve()EPSS 0.2%CVE-2021-26323Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity.EPSS 0.2%