Weaknesses of type CWE-20
4,739 resultsCVE-2025-11135MEDIUMpmTicket Project-Management-Software Cookie class.database.php loadLanguage deserializationEPSS 0.4%CVE-2026-14104HIGHInsufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arEPSS 0.4%CVE-2022-34758MEDIUMA CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had acEPSS 0.4%CVE-2024-51392HIGHAn issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php componentEPSS 0.4%CVE-2023-4553MEDIUMUnauthenticated Access to AppBuilder Configuration FilesEPSS 0.4%CVE-2024-37406HIGHIn Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domEPSS 0.4%CVE-2023-4435HIGHImproper Input Validation in hamza417/inureEPSS 0.4%CVE-2026-28860HIGHThe issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOSEPSS 0.4%CVE-2025-34124HIGHHeroes of Might and Magic III .h3m Map File Buffer OverflowEPSS 0.4%CVE-2024-20334MEDIUMA vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attaEPSS 0.4%CVE-2025-3622MEDIUMXorbits Inference model.py load deserializationEPSS 0.4%CVE-2025-59161LOWIn Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is leftEPSS 0.4%CVE-2023-39404—Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerabilityEPSS 0.4%CVE-2020-3204MEDIUMCisco IOS and IOS XE Software Tcl Arbitrary Code Execution VulnerabilityEPSS 0.4%CVE-2024-41856HIGHIllustrator | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2023-52372HIGHVulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability.EPSS 0.4%CVE-2022-27574MEDIUMImproper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 ReleasEPSS 0.4%CVE-2023-6784MEDIUMPotential Use of the Sitefinity System for Distribution of Phishing EmailsEPSS 0.4%CVE-2023-39382— Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to resEPSS 0.4%CVE-2023-39381— Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.EPSS 0.4%