Falhas do tipo CWE-20

4.751 resultados
CVE-2023-5058Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentialEPSS 0.3%CVE-2026-13850HIGHInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execEPSS 0.3%CVE-2022-28186MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the EPSS 0.3%CVE-2026-9212MEDIUMInsufficient authentication and input validation in certain NETGEAR productsEPSS 0.3%CVE-2022-28188MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the EPSS 0.3%CVE-2021-3843MEDIUMA potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated EPSS 0.3%CVE-2025-8662LOWOpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a SAML IdP due to a tampered request.This isEPSS 0.3%CVE-2024-33624MEDIUMImproper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an unauthenticated userEPSS 0.3%CVE-2025-3837MEDIUMImproper Input Validation vulnerability in the End of Life (EOL) OVA based connect componentEPSS 0.3%CVE-2025-65397MEDIUMAn insecure authentication mechanism in the safe_exec.sh startup script of Blurams Flare Camera version 24.1114.151.929 and earlier allows aEPSS 0.3%CVE-2024-13666MEDIUMFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-SpoofingEPSS 0.3%CVE-2026-48110HIGHRussh: SSH message fields were decoded through allocation-first parsers before field-specific boundsEPSS 0.3%CVE-2025-3070MEDIUMInsufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilEPSS 0.3%CVE-2026-26063HIGHCediPay Affected by Improper Input Validation in Payment ProcessingEPSS 0.3%CVE-2024-2248MEDIUMJFrog Artifactory Header InjectionEPSS 0.3%CVE-2026-44811HIGHWindows DWM Core Library Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2024-21976HIGHImproper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary cEPSS 0.3%CVE-2026-34760MEDIUMvLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI ModelsEPSS 0.3%CVE-2024-25009MEDIUMEricsson Packet Core Controller (PCC) - Improper Input Validation VulnerabilityEPSS 0.3%CVE-2026-30077HIGHOpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistEPSS 0.3%