Falhas do tipo CWE-20
4.751 resultadosCVE-2021-46771—Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by EPSS 0.3%CVE-2026-22046HIGHiccDEV has heap-buffer-overflow in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cppEPSS 0.3%CVE-2025-44526MEDIUMRealtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low EPSS 0.3%CVE-2025-59187HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-31192MEDIUMInsufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitivEPSS 0.3%CVE-2026-45392HIGHDOM-based XSS in Cribl StreamEPSS 0.3%CVE-2022-26707MEDIUMAn issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A userEPSS 0.3%CVE-2026-13875MEDIUMInsufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had comprEPSS 0.3%CVE-2026-40068HIGHClaude Code arbitrary code execution via git worktree commondir trust dialog bypassEPSS 0.3%CVE-2021-3599MEDIUMA potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local EPSS 0.3%CVE-2025-6240MEDIUMProfisee Path Traversal VulnerabilityEPSS 0.3%CVE-2022-21933MEDIUMASUS VivoMini/Mini PC - improper input validationEPSS 0.3%CVE-2026-11016MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2025-66451MEDIUMLibreChat's Improper Input Validation in Prompt Creation API Enables Unauthorized Permission ChangesEPSS 0.3%CVE-2026-11022MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.3%CVE-2021-1454MEDIUMCisco IOS XE SD-WAN Software Parameter Injection VulnerabilitiesEPSS 0.3%CVE-2024-6254MEDIUMBrizy – Page Builder <= 2.5.1 - Cross-Site Request ForgeryEPSS 0.3%CVE-2017-2614MEDIUMWhen updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password ifEPSS 0.3%CVE-2024-38811HIGHCode-execution vulnerabilityEPSS 0.3%