Fallos del tipo CWE-269

1785 resultados
CVE-2025-32345HIGHIn updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary userEPSS 0.1%CVE-2023-40106HIGHIn sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. ThisEPSS 0.1%CVE-2024-22008HIGHIn config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalatEPSS 0.1%CVE-2024-25987MEDIUMIn pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation EPSS 0.1%CVE-2025-6177HIGHChromeOS MiniOS Root Code Execution Bypass While Dev Mode BlockedEPSS 0.1%CVE-2026-24510MEDIUMDell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged EPSS 0.1%CVE-2026-0023HIGHIn createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permisEPSS 0.1%CVE-2026-0055MEDIUMIn createSessionInternal of PackageInstallerService.java, there is a possible to update a Device Policy Controller (DPC) into an invalid dirEPSS 0.1%CVE-2023-35667In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a lEPSS 0.1%CVE-2025-13917HIGHElevation of Privileges in Web Security Services (WSS) AgentEPSS 0.1%CVE-2024-23713HIGHIn migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to impropEPSS 0.1%CVE-2024-32918MEDIUMPermission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization stepsEPSS 0.1%CVE-2026-14124HIGHInappropriate implementation in CredentialProvider in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OSEPSS 0.1%CVE-2024-34743HIGHIn setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could leaEPSS 0.1%CVE-2024-29784HIGHIn prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escaEPSS 0.1%CVE-2024-38487HIGHapi-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintendEPSS 0.1%CVE-2024-27233HIGHIn ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of EPSS 0.1%CVE-2024-27222HIGHIn onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GREPSS 0.1%CVE-2026-0019HIGHIn SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation oEPSS 0.1%CVE-2026-11103HIGHInappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level prEPSS 0.1%