Fallos del tipo CWE-20

4753 resultados
CVE-2024-20056MEDIUMIn preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilegeEPSS 0.1%CVE-2026-11297HIGHInsufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to bypEPSS 0.1%CVE-2023-21092HIGHIn retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of SyEPSS 0.1%CVE-2022-33729MEDIUMImproper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connecEPSS 0.1%CVE-2025-68964MEDIUMData verification vulnerability in the HiView module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2022-20459MEDIUMIn (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation EPSS 0.1%CVE-2023-32826MEDIUMIn camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privEPSS 0.1%CVE-2025-21460HIGHImproper Input Validation in Automotive Software platform based on QNXEPSS 0.1%CVE-2024-49844HIGHImproper Input Validation in AutomotiveEPSS 0.1%CVE-2025-48647HIGHIn cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. EPSS 0.1%CVE-2023-32827MEDIUMIn camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privEPSS 0.1%CVE-2026-15115LOWInsufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker toEPSS 0.1%CVE-2024-49845HIGHImproper Input Validation in HLOSEPSS 0.1%CVE-2025-54636MEDIUMIssue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of thEPSS 0.1%CVE-2025-48624HIGHIn multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local eEPSS 0.1%CVE-2025-32323HIGHIn getCallingAppName of Shared.java, there is a possible way to trick users into granting file access via deceptive text in a permission popEPSS 0.1%CVE-2025-22424HIGHIn multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escaEPSS 0.1%CVE-2025-36932HIGHIn tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc.c, there is a possible memory overwrite due to improper input validatiEPSS 0.1%CVE-2025-36920HIGHIn hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead tEPSS 0.1%CVE-2025-48644MEDIUMIn multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial ofEPSS 0.1%