Weaknesses of type CWE-20
4,583 resultsCVE-2020-3110HIGHCisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service VulnerabilityEPSS 5.7%CVE-2024-38196HIGHWindows Common Log File System Driver Elevation of Privilege VulnerabilityEPSS 5.7%CVE-2018-0312—A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remotEPSS 5.7%CVE-2018-0308—A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remotEPSS 5.7%CVE-2020-26146MEDIUMAn issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consEPSS 5.6%CVE-2020-15180—A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection thatEPSS 5.5%CVE-2017-7522—OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificaEPSS 5.5%CVE-2019-1862HIGHCisco IOS XE Software Web UI Command Injection VulnerabilityEPSS 5.5%CVE-2017-12319MEDIUMA vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow aEPSS 5.4%KEVCVE-2020-3252CRITICALMultiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big DataEPSS 5.3%CVE-2020-1747CRITICALA vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it pEPSS 5.3%CVE-2025-54248HIGHAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 5.2%CVE-2024-30078HIGHWindows Wi-Fi Driver Remote Code Execution VulnerabilityEPSS 5.2%CVE-2018-1060MEDIUMpython before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. AnEPSS 5.1%CVE-2021-44548—Apache Solr information disclosure vulnerability through DataImportHandlerEPSS 5.1%CVE-2011-0627HIGHAdobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to EPSS 5.1%CVE-2020-3327HIGHClamAV ARJ Archive Parsing Denial of Service VulnerabilityEPSS 5.1%CVE-2022-39291MEDIUMDenial of service through logs in zoneminderEPSS 5.1%CVE-2018-16874MEDIUMIn Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path oEPSS 5.0%CVE-2014-125117CRITICALD-Link info.cgi POST Request Stack-Based Buffer Overflow RCEEPSS 5.0%