Falhas do tipo CWE-20
4.753 resultadosCVE-2026-36175MEDIUMAn issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access viaEPSS 0.2%CVE-2026-8007HIGHInsufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2026-14089MEDIUMInsufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromEPSS 0.2%CVE-2026-15122HIGHInsufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had cEPSS 0.2%CVE-2026-7931MEDIUMInsufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker to perform UI spoEPSS 0.2%CVE-2023-2961LOWA segmentation fault flaw was found in the Advancecomp package. This may lead to decreased availability.EPSS 0.2%CVE-2026-7998MEDIUMInsufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-21690MEDIUMiccDEV has Type Confusion in CIccTagXmlTagData::ToXml()EPSS 0.2%CVE-2026-14020MEDIUMInsufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2023-21501HIGHImproper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitraryEPSS 0.2%CVE-2024-42410MEDIUMImproper input validation in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via locaEPSS 0.2%CVE-2026-5919MEDIUMInsufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromisEPSS 0.2%CVE-2024-27378MEDIUMAn issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_EPSS 0.2%CVE-2026-29137MEDIUMLong Subject UntaggingEPSS 0.2%CVE-2026-4438MEDIUMgethostbyaddr and gethostbyaddr_r return invalid DNS hostnamesEPSS 0.2%CVE-2022-4573MEDIUM
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privilegEPSS 0.2%CVE-2026-49214MEDIUMguzzlehttp/psr7 has CRLF Injection via URI Host ComponentEPSS 0.2%CVE-2024-36282HIGHImproper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged EPSS 0.2%CVE-2026-11199MEDIUMInappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak EPSS 0.2%CVE-2023-0615MEDIUMA memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. TEPSS 0.2%