Fallos del tipo CWE-20

4753 resultados
CVE-2025-48537HIGHIn multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local infEPSS 0.1%CVE-2024-32903HIGHIn prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead EPSS 0.1%CVE-2025-48559MEDIUMIn multiple functions of AppOpsService.java, there is a possible add a large amount of app ops due to improper input validation. This could EPSS 0.1%CVE-2025-48643HIGHIn multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of priviEPSS 0.1%CVE-2025-11195LOWRapid7 AppSpider Project Name Validation BypassEPSS 0.1%CVE-2025-48556HIGHIn multiple methods of NotificationChannel.java, there is a possible desynchronization from persistence due to improper input validation. ThEPSS 0.1%CVE-2025-36929MEDIUMIn AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to loEPSS 0.1%CVE-2026-11158HIGHInsufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentialEPSS 0.1%CVE-2022-33703HIGHImproper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.EPSS 0.1%CVE-2023-48354MEDIUMIn telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execEPSS 0.1%CVE-2024-32907HIGHIn memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. This could lead to local escalation of priEPSS 0.1%CVE-2025-48541HIGHIn onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user profiles due to improper input validation. EPSS 0.1%CVE-2023-48346MEDIUMIn video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution priEPSS 0.1%CVE-2025-47314HIGHImproper Input Validation in Automotive Software platform based on QNXEPSS 0.1%CVE-2025-48594HIGHIn onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion application privileges after disassociation EPSS 0.1%CVE-2026-7997HIGHInsufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-EPSS 0.1%CVE-2026-11035HIGHInappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilegeEPSS 0.1%CVE-2025-27040MEDIUMImproper Input Validation in TZ FirmwareEPSS 0.1%CVE-2025-48538MEDIUMIn setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to impropeEPSS 0.1%CVE-2026-0078HIGHIn setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This couldEPSS 0.1%