Fallos del tipo CWE-20

4753 resultados
CVE-2025-33221MEDIUMNVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission EPSS 0.2%CVE-2023-24571HIGH Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potEPSS 0.2%CVE-2024-3173HIGHInsufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escaEPSS 0.2%CVE-2022-32490HIGH Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerabilEPSS 0.2%CVE-2023-25522HIGH NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuratiEPSS 0.2%CVE-2024-27240HIGHZoom Apps for Windows - Improper Input ValidationEPSS 0.2%CVE-2025-44779MEDIUMAn issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull.EPSS 0.2%CVE-2023-25772MEDIUMImproper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticateEPSS 0.2%CVE-2022-20507HIGHIn onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds cEPSS 0.2%CVE-2023-32633MEDIUMImproper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially eEPSS 0.2%CVE-2025-33043MEDIUMSMM buffer IntegrityEPSS 0.2%CVE-2025-31488MEDIUMPlain Craft Launcher's custom homepage can use Internet Explorer to load web pages with the help of controls such as WebBrowserEPSS 0.2%CVE-2025-62525HIGHOpenWrt vulnerable to local privilage escalationEPSS 0.2%CVE-2022-31616MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a loEPSS 0.2%CVE-2022-43449MEDIUMArbitrary file read via download_server.EPSS 0.2%CVE-2026-10651HIGHBluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds readEPSS 0.2%CVE-2021-37663HIGHIncomplete validation in `QuantizeV2` in TensorFlowEPSS 0.2%CVE-2025-11676HIGHUPnP DOS in TL-WR940N V6EPSS 0.2%CVE-2022-37010LOWIn JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missedEPSS 0.2%CVE-2026-15131MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via aEPSS 0.2%