Fallos del tipo CWE-20

4752 resultados
CVE-2023-22662MEDIUMImproper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board S2600BP products may allow a privileged user tEPSS 0.2%CVE-2025-32067MEDIUMi18n XSS vulnerability in message growthexperimentsEPSS 0.2%CVE-2026-21272HIGHDreamweaver Desktop | Improper Input Validation (CWE-20)EPSS 0.2%CVE-2023-42977HIGHA path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be abEPSS 0.2%CVE-2022-48189MEDIUMAn SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privEPSS 0.2%CVE-2026-11213CRITICALInsufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromEPSS 0.2%CVE-2024-31153MEDIUMImproper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentiaEPSS 0.2%CVE-2026-8538MEDIUMInsufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2026-20685MEDIUMAn attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved vaEPSS 0.2%CVE-2026-13990MEDIUMInsufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who EPSS 0.2%CVE-2025-52451HIGHImproper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modEPSS 0.2%CVE-2026-5915HIGHInsufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bEPSS 0.2%CVE-2026-11237HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2023-38719MEDIUMIBM Db2 denial of serviceEPSS 0.2%CVE-2025-58759MEDIUMTinyEnv: Inline comments not stripped properly in .env valuesEPSS 0.2%CVE-2025-31966LOWBoolean-Based SQL Injection in Multiple Unica ComponentsEPSS 0.2%CVE-2026-11038MEDIUMInsufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass contentEPSS 0.2%CVE-2024-24981HIGHImproper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged uEPSS 0.2%CVE-2025-46574MEDIUMZTE GoldenDB Database product has an input validation vulnerabilityEPSS 0.2%CVE-2026-34669MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS 0.2%