Falhas do tipo CWE-1284
234 resultadosCVE-2025-68383MEDIUMFilebeat Improper Validation of Specified Index, Position, or Offset in InputEPSS 0.2%CVE-2022-20491HIGHIn NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. EPSS 0.2%CVE-2026-6915MEDIUMFlaw in the updateUser Command May Allow Unauthorized Configuration ChangeEPSS 0.2%CVE-2022-20543LOWIn multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service wEPSS 0.2%CVE-2025-48507HIGHThe security state of the calling processor into Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors accesEPSS 0.2%CVE-2025-11743HIGHRockwell Automation CompactLogix® 5370 Denial of Service VulnerabilityEPSS 0.2%CVE-2024-21953MEDIUMImproper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integriEPSS 0.2%CVE-2023-20581LOWImproper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory intEPSS 0.2%CVE-2023-20515MEDIUMImproper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leadingEPSS 0.2%CVE-2023-31304LOWImproper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF) to modify the PCIe® lanEPSS 0.2%CVE-2023-31331LOWImproper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stacEPSS 0.1%CVE-2023-31310MEDIUMImproper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set tEPSS 0.1%CVE-2023-20508MEDIUMImproper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled bEPSS 0.1%CVE-2024-36346MEDIUMImproper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input daEPSS 0.1%CVE-2022-20488HIGHIn NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. EPSS 0.1%CVE-2026-57053MEDIUMGNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicoEPSS 0.1%CVE-2025-0038MEDIUMIn AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow accesEPSS 0.1%CVE-2023-20708MEDIUMIn keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with SEPSS 0.1%CVE-2026-57062LOWCMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is suppEPSS 0.1%CVE-2025-54515LOWThe Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination InterfaEPSS 0.1%