Weaknesses of type CWE-20

4,743 results
CVE-2025-0660MEDIUMStored XSS in Folder Function by Rogue AdminEPSS 0.3%CVE-2026-23489CRITICALFields GLPI plugin vulnerable to RCE in dropdown generationEPSS 0.3%CVE-2025-57805HIGHThe Scratch Channel's Publish Articles POST Request Can Upload Articles Without ValidationEPSS 0.3%CVE-2026-13816MEDIUMInsufficient validation of untrusted input in File Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leaEPSS 0.3%CVE-2026-14022MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised EPSS 0.3%CVE-2020-3201MEDIUMCisco IOS and IOS XE Software Tcl Denial of Service VulnerabilityEPSS 0.3%CVE-2024-51741MEDIUMRedis allows denial-of-service due to malformed ACL selectorsEPSS 0.3%CVE-2026-48289LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-40162HIGHBugsink affected by authenticated arbitrary file write in artifactbundle/assembleEPSS 0.3%CVE-2026-26161HIGHWindows Sensor Data Service Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-8391MEDIUMOther issue in the JavaScript Engine componentEPSS 0.3%CVE-2024-45612MEDIUMInsert tag injection via canonical URL in ContaoEPSS 0.3%CVE-2025-13428HIGHRCE in SecOps SOAR server via user-provided Python packagesEPSS 0.3%CVE-2026-27306HIGHColdFusion | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2019-1945MEDIUMCisco Adaptive Security Appliance Smart Tunnel VulnerabilitiesEPSS 0.3%CVE-2024-52337MEDIUMTuned: improper sanitization of `instance_name` parameter of the `instance_create()` methodEPSS 0.3%CVE-2026-13900MEDIUMInappropriate implementation in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendereEPSS 0.3%CVE-2024-1244CRITICALRemote code execution and local privilege escalation due to UNC access and NetNTLMv2 hash theftEPSS 0.3%CVE-2021-0161MEDIUMImproper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 anEPSS 0.3%CVE-2026-43935HIGHe107: Host Header Injection in e107 password reset enables phishingEPSS 0.3%