Weaknesses of type CWE-20
4,713 resultsCVE-2023-29455MEDIUMReflected XSS in several fields of graph formEPSS 0.6%CVE-2024-41940CRITICALA vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a EPSS 0.6%CVE-2024-23335MEDIUMBackups directory .htaccess deletion in. MyBBEPSS 0.6%CVE-2026-25117HIGHpwn.college DOJO vulnerable to sandbox escape leading to arbitrary javascript executionEPSS 0.6%CVE-2026-25128HIGHfast-xml-parser has RangeError DoS Numeric Entities BugEPSS 0.6%CVE-2023-20532MEDIUMInsufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
EPSS 0.6%CVE-2022-32237—When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual EnterpriEPSS 0.6%CVE-2022-32240—When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise ViewEPSS 0.6%CVE-2023-3769HIGHVulnerability in Ingeteam's INGEPAC EF EPSS 0.6%CVE-2022-32241—When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual EnterpriseEPSS 0.6%CVE-2025-60938HIGHEmoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitraryEPSS 0.6%CVE-2025-2689MEDIUMyiisoft Yii2 SortableIterator.php getIterator deserializationEPSS 0.6%CVE-2023-3768HIGHVulnerability in Ingeteam's INGEPAC EF/DAEPSS 0.6%CVE-2026-47931HIGHColdFusion | Improper Input Validation (CWE-20)EPSS 0.6%CVE-2025-27731HIGHMicrosoft OpenSSH for Windows Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2026-2113MEDIUMyuan1994 tpadmin WebUploader preview.php deserializationEPSS 0.6%CVE-2024-6658HIGHImproper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.EPSS 0.6%CVE-2022-36082MEDIUMmangadex-downloader vulnerable to unauthorized file readingEPSS 0.6%CVE-2024-27093MEDIUMMinder trusts client-provided mapping from repo name to upstream IDEPSS 0.6%CVE-2024-2339HIGHImproper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking ruleEPSS 0.6%