Weaknesses of type CWE-20

4,749 results
CVE-2024-24582HIGHImproper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable eEPSS 0.2%CVE-2026-34207HIGHTypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request ValidationEPSS 0.2%CVE-2022-30712HIGHImproper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.2%CVE-2022-28611MEDIUMImproper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to poEPSS 0.2%CVE-2024-34118MEDIUMAdobe illustrator 2024 TIF File parsing Division by zero denial of serviceEPSS 0.2%CVE-2026-13959MEDIUMInsufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin EPSS 0.2%CVE-2024-20406HIGHCisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service VulnerabilityEPSS 0.2%CVE-2026-21687HIGHiccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve()EPSS 0.2%CVE-2021-26323Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity.EPSS 0.2%CVE-2024-28127HIGHImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privEPSS 0.2%CVE-2021-25504MEDIUMIntent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.EPSS 0.2%CVE-2026-5885MEDIUMInsufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain pEPSS 0.2%CVE-2026-14401HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had comEPSS 0.2%CVE-2026-14412HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2023-34440HIGHImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privEPSS 0.2%CVE-2024-29214HIGHImproper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enaEPSS 0.2%CVE-2026-9914HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-7967HIGHInsufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromisEPSS 0.2%CVE-2026-42261HIGHPromptHub: Authenticated SSRF via IPv6 filter bypass in `POST /api/skills/fetch-remote`EPSS 0.2%CVE-2024-28047MEDIUMImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information discloEPSS 0.2%