Weaknesses of type CWE-20

4,599 results
CVE-2020-9743 (MEDIUM): HTML injection in AEM's content editor component | EPSS 2.0%
CVE-2018-15428: Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability | EPSS 2.0%
CVE-2021-20273: A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off. | EPSS 2.0%
CVE-2017-9022 (HIGH): The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers | EPSS 2.0%
CVE-2020-10289 (HIGH): RVD#2401: Use of unsafe yaml load, ./src/actionlib/tools/library.py:132 | EPSS 1.9%
CVE-2021-33012 (HIGH): Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the | EPSS 1.9%
CVE-2021-36021 (HIGH): Magento Commerce CMS Page Improper Input Validation Could Lead To Remote Code Execution | EPSS 1.9%
CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform | EPSS 1.9%
CVE-2021-21705 (MEDIUM): Incorrect URL validation in FILTER_VALIDATE_URL | EPSS 1.9%
CVE-2021-37909 (CRITICAL): CHANGING Inc. TSSServiSignAdapter Windows Versions - Improper Input Validation | EPSS 1.9%
CVE-2019-13541: In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processi | EPSS 1.9%
CVE-2021-40120 (MEDIUM): Cisco Small Business RV Series Routers Command Injection Vulnerability | EPSS 1.9%
CVE-2019-10191 (MEDIUM): A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secur | EPSS 1.9%
CVE-2023-40743 (CRITICAL): Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService | EPSS 1.9%
CVE-2019-1964 (HIGH): Cisco NX-OS Software IPv6 Denial of Service Vulnerability | EPSS 1.9%
CVE-2019-1962 (HIGH): Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability | EPSS 1.9%
CVE-2021-21322 (CRITICAL): Prefix escape | EPSS 1.9%
CVE-2023-32057 (CRITICAL): Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | EPSS 1.9%
CVE-2017-6792: A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attack | EPSS 1.9%
CVE-2018-0298: A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to ca | EPSS 1.9%