Weaknesses of type CWE-20
4,583 resultsCVE-2025-6558HIGHInsufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentiallEPSS 9.5%KEVCVE-2024-30087HIGHWin32k Elevation of Privilege VulnerabilityEPSS 9.5%CVE-2021-43779CRITICALRemote Command Execution vulnerabilityEPSS 9.1%CVE-2015-2291HIGH(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cEPSS 9.0%KEVCVE-2025-34043CRITICALVacron NVR Remote Command ExecutionEPSS 9.0%CVE-2026-47928CRITICALColdFusion | Improper Input Validation (CWE-20)EPSS 8.9%CVE-2022-45725HIGHImproper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the EPSS 8.8%CVE-2019-10969—Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on theEPSS 8.7%CVE-2018-0304—A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remotEPSS 8.7%CVE-2022-0073HIGHAuthenticated Remote Code Execution in OpenLiteSpeed Web ServerEPSS 8.7%CVE-2015-9235—In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetEPSS 8.7%CVE-2023-34152CRITICALA vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes conEPSS 8.0%CVE-2024-38189HIGHMicrosoft Project Remote Code Execution VulnerabilityEPSS 7.9%KEVCVE-2023-36731HIGHWin32k Elevation of Privilege VulnerabilityEPSS 7.8%CVE-2018-0172HIGHA vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticEPSS 7.8%KEVCVE-2020-29075HIGHPDF Injection BlackHat TalkEPSS 7.8%CVE-2025-52905HIGHTOTOLINK X6000R Argument Injection VulnerabilityEPSS 7.8%CVE-2018-0174HIGHA vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticEPSS 7.6%KEVCVE-2018-0173HIGHA vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP VersioEPSS 7.6%KEVCVE-2023-23416HIGHWindows Cryptographic Services Remote Code Execution VulnerabilityEPSS 7.6%