Weaknesses of type CWE-20
4,743 resultsCVE-2021-1448HIGHCisco Firepower Threat Defense Software Command Injection VulnerabilityEPSS 0.3%CVE-2026-13806HIGHInsufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had comproEPSS 0.3%CVE-2026-21682HIGHiccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()EPSS 0.3%CVE-2026-42553HIGHCinny: Access token disclosure via invalidated emoji pack avatar URL in service workerEPSS 0.3%CVE-2024-20034HIGHIn battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege withEPSS 0.3%CVE-2026-45492MEDIUMMicrosoft Edge (Chromium-based) Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2022-22230MEDIUMJunos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAsEPSS 0.3%CVE-2026-13891HIGHInsufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2026-21310MEDIUMAdobe Commerce | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2021-0156HIGHImproper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation oEPSS 0.3%CVE-2026-11047CRITICALInappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the reEPSS 0.3%CVE-2026-24811CRITICALAn improper pointer arithmetic in root-project/root at builtins/zlib/inffast.cEPSS 0.3%CVE-2025-43533MEDIUMThe issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS SeEPSS 0.3%CVE-2026-3641MEDIUMAppmax <= 1.0.3 - Missing Authorization to Order Status Manipulation and Arbitrary Order Creation via Webhook EndpointEPSS 0.3%CVE-2022-2868—libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacEPSS 0.3%CVE-2025-44016HIGHFile Hash Validation Bypass in NomadBranch.exeEPSS 0.3%CVE-2026-10966CRITICALInappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox esEPSS 0.3%CVE-2024-28028HIGHImproper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially eEPSS 0.3%CVE-2025-3162MEDIUMInternLM LMDeploy PT File utils.py load_weight_ckpt deserializationEPSS 0.3%CVE-2025-57805HIGHThe Scratch Channel's Publish Articles POST Request Can Upload Articles Without ValidationEPSS 0.3%