Weaknesses of type CWE-20

4,749 results
CVE-2024-28127HIGHImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privEPSS 0.2%CVE-2024-32653MEDIUMInsufficient input filtering of "package name" allows command execution in the device with shell privilegesEPSS 0.2%CVE-2026-44367LOWKlaw: user lockout due to case sensitivity inconsistencyEPSS 0.2%CVE-2025-61583MEDIUMTS3 Manager is vulnerable to unauthenticated reflected XSS attack due to insecure error handlingEPSS 0.2%CVE-2026-47196HIGHQuest Bot: Empty automod rule causes every guild message to be deletedEPSS 0.2%CVE-2026-14414MEDIUMInsufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2024-30916MEDIUMAn issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensiEPSS 0.2%CVE-2026-35049MEDIUMwire-ios has Persistent Remote DoS via Integer UnderflowEPSS 0.2%CVE-2026-9211MEDIUMCertain NETGEAR routers allow unauthenticated users to gain control of the routerEPSS 0.2%CVE-2025-5089HIGHArista EOS SysDB Agent Denial of Service via Malformed CVX Client/Server MessagesEPSS 0.2%CVE-2023-6992MEDIUMMemory corruption issues is Cloudflare zlib implementationEPSS 0.2%CVE-2025-5090HIGHArista CloudVision Exchange Cluster Instability via Unexpected Switch MessagesEPSS 0.2%CVE-2025-66614HIGHApache Tomcat: Client certificate verification bypass due to virtual host mappingEPSS 0.2%CVE-2026-11146CRITICALInsufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisEPSS 0.2%CVE-2026-11056CRITICALInsufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker whoEPSS 0.2%CVE-2025-64515MEDIUMOpen Forms prefill data in read-only components can be tamperedEPSS 0.2%CVE-2026-11119CRITICALInappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renEPSS 0.2%CVE-2026-11272HIGHInsufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convEPSS 0.2%CVE-2026-56333MEDIUMCapgo - Server-Side Validation Bypass via Direct Browser-Side Organization Security Settings UpdatesEPSS 0.2%CVE-2026-11041HIGHInsufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had comEPSS 0.2%