Weaknesses of type CWE-20
4,745 resultsCVE-2024-3172HIGHInsufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage inEPSS 0.4%CVE-2025-55679MEDIUMWindows Kernel Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-40061HIGHInsecure Job Execution Mechanism Vulnerability EPSS 0.4%CVE-2021-44769MEDIUMTLS Certificate Generation Function Improper Input ValidationEPSS 0.4%CVE-2019-14904—A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the EPSS 0.4%CVE-2025-40836HIGHEricsson Indoor Connect 8855 - Improper Input Validation VulnerabilityEPSS 0.4%CVE-2024-36745HIGHAn issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.EPSS 0.4%CVE-2021-39259MEDIUMA crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3GEPSS 0.4%CVE-2024-36390HIGHMileSight DeviceHub - CWE-20 Improper Input ValidationEPSS 0.4%CVE-2021-39260MEDIUMA crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22.EPSS 0.4%CVE-2021-39262MEDIUMA crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.EPSS 0.4%CVE-2024-36742HIGHAn issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index paraEPSS 0.4%CVE-2026-24505HIGHDell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with EPSS 0.4%CVE-2024-20274MEDIUMCisco Secure Firewall Management Center HTML Injection VulnerabilityEPSS 0.4%CVE-2026-8959CRITICALSandbox escape due to incorrect boundary conditions in the Widget: Win32 componentEPSS 0.4%CVE-2024-32989LOWInsufficient verification vulnerability in the system sharing pop-up module
Impact: Successful exploitation of this vulnerability will affecEPSS 0.4%CVE-2025-23268HIGHNVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. EPSS 0.4%CVE-2025-5498MEDIUMslackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserializationEPSS 0.4%CVE-2026-0878HIGHSandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL componentEPSS 0.4%CVE-2022-33211CRITICALImproper Input Validation in MODEMEPSS 0.4%