Weaknesses of type CWE-20
4,597 resultsCVE-2020-15258HIGHInsecure use of shell.openExternal in WireEPSS 2.0%CVE-2022-24723MEDIUMImproper Input Validation in URI.jsEPSS 2.0%CVE-2019-10190MEDIUMA vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers tEPSS 2.0%CVE-2014-2653MEDIUMThe verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFPEPSS 2.0%CVE-2023-35376MEDIUMMicrosoft Message Queuing (MSMQ) Denial of Service VulnerabilityEPSS 2.0%CVE-2023-35377MEDIUMMicrosoft Message Queuing (MSMQ) Denial of Service VulnerabilityEPSS 2.0%CVE-2019-12653HIGHCisco IOS XE Software Raw Socket Transport Denial of Service VulnerabilityEPSS 2.0%CVE-2020-25721—Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to EPSS 2.0%CVE-2019-12657HIGHCisco IOS XE Software Unified Threat Defense Denial of Service VulnerabilityEPSS 2.0%CVE-2023-25696CRITICALApache Airflow Hive Provider Beeline RCEEPSS 2.0%CVE-2021-29486HIGHImproper Input Validation and Loop with Unreachable Exit Condition ('Infinite Loop') in cumulative-distribution-functionEPSS 2.0%CVE-2019-12655HIGHCisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service VulnerabilityEPSS 2.0%CVE-2021-21404HIGHCrash due to malformed relay protocol messageEPSS 2.0%CVE-2023-36893MEDIUMMicrosoft Outlook Spoofing VulnerabilityEPSS 2.0%CVE-2025-26647HIGHWindows Kerberos Elevation of Privilege VulnerabilityEPSS 2.0%CVE-2020-36332—A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threaEPSS 2.0%CVE-2025-24970HIGHSslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngineEPSS 2.0%CVE-2017-3846—A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticateEPSS 2.0%CVE-2021-42786CRITICALRemote Code Execution at AgentControllerServletEPSS 2.0%CVE-2021-1302HIGHCisco SD-WAN vManage Authorization Bypass VulnerabilitiesEPSS 2.0%