Weaknesses of type CWE-20
4,737 resultsCVE-2026-10904HIGHInappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandEPSS 0.4%CVE-2025-11346MEDIUMILIAS Base64 Decoding unserialize deserializationEPSS 0.4%CVE-2026-45636HIGHWindows NTFS Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-15284MEDIUMarrayLimit bypass in bracket notation allows DoS via memory exhaustionEPSS 0.4%CVE-2026-48288LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2025-49081MEDIUMInput validation vulnerability in the Secure Access prior to version 13.55EPSS 0.4%CVE-2026-29909MEDIUMMRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpointEPSS 0.4%CVE-2022-35966MEDIUMSegfault in `QuantizedAvgPool` in TensorFlowEPSS 0.4%CVE-2022-23425HIGHImproper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with EPSS 0.4%CVE-2022-35964MEDIUMSegfault in `BlockLSTMGradV2` in TensorFlowEPSS 0.4%CVE-2023-0881HIGHDDoS in Ubuntu package linux-bluefieldEPSS 0.4%CVE-2025-5552MEDIUMChestnutCMS API Endpoint exec deserializationEPSS 0.4%CVE-2026-8751MEDIUMh2oai h2o-3 JAR Model.java importBinaryModel deserializationEPSS 0.4%CVE-2022-35967MEDIUMSegfault in `QuantizedAdd` in TensorFlowEPSS 0.4%CVE-2023-24062MEDIUMDiebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory strucEPSS 0.4%CVE-2022-35972MEDIUMSegfault in `QuantizedBiasAdd` in TensorFlowEPSS 0.4%CVE-2020-16127LOWaccountsservice .pam_environment infinite loopEPSS 0.4%CVE-2024-25999HIGHPHOENIX CONTACT: Privilege escalation in the OCPP agent serviceEPSS 0.4%CVE-2023-50733HIGHA Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices.EPSS 0.4%CVE-2024-36047CRITICALInfoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.EPSS 0.4%