Weaknesses of type CWE-20

4,752 results
CVE-2025-43482MEDIUMThe issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. EPSS 0.2%CVE-2025-5173MEDIUMHumanSignal label-studio-ml-backend PT File neural_nets.py load deserializationEPSS 0.2%CVE-2022-42477MEDIUMAn improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may EPSS 0.2%CVE-2024-21871HIGHImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privEPSS 0.2%CVE-2025-12687MEDIUMDenial-of-Service Vulnerability in NomadBranch.exeEPSS 0.2%CVE-2026-15131MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via aEPSS 0.2%CVE-2026-14137MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who coEPSS 0.2%CVE-2026-7993MEDIUMInsufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had EPSS 0.2%CVE-2022-23403MEDIUMImproper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2026-11251LOWInsufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2025-54564HIGHuploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution EPSS 0.2%CVE-2024-0127HIGHNVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of thEPSS 0.2%CVE-2026-11240LOWInsufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-8536LOWInsufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had EPSS 0.2%CVE-2022-28699HIGHImproper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via EPSS 0.2%CVE-2026-7947MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised EPSS 0.2%CVE-2022-32766HIGHImproper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via locaEPSS 0.2%CVE-2024-31158HIGHImproper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable esEPSS 0.2%CVE-2022-43849MEDIUMIBM AIX denial of serviceEPSS 0.2%CVE-2022-38787MEDIUMImproper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentiEPSS 0.2%