Weaknesses of type CWE-20
4,745 resultsCVE-2021-3442—A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripEPSS 0.4%CVE-2017-12223—A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local atEPSS 0.4%CVE-2021-39251MEDIUMA crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.EPSS 0.4%CVE-2023-41316MEDIUMHTML Injection with email in TolgeeEPSS 0.4%CVE-2021-33285MEDIUMIn NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap bufferEPSS 0.4%CVE-2025-9066HIGHRockwell Automation FactoryTalk® ViewPoint XXE to Denial-of-Service VulnerabilityEPSS 0.4%CVE-2022-25818MEDIUMImproper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.EPSS 0.4%CVE-2025-57528HIGHAn issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to cause a denial of service via the funcname, EPSS 0.4%CVE-2021-0162HIGHImproper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticaEPSS 0.4%CVE-2025-52569MEDIUMGitHub.jl lacks validation for user-provided fieldsEPSS 0.4%CVE-2021-0163HIGHImproper Validation of Consistency within input in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 mayEPSS 0.4%CVE-2025-50178MEDIUMGitForge.jl lacks validation for user provided fieldsEPSS 0.4%CVE-2023-22937MEDIUMUnnecessary File Extensions Allowed by Lookup Table Uploads in Splunk EnterpriseEPSS 0.4%CVE-2024-41839LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2022-31172HIGHOpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signersEPSS 0.4%CVE-2018-5270HIGHIn Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unsEPSS 0.4%CVE-2024-23983MEDIUMAccess rules for PingAccess may be circumvented with URL-encoded charactersEPSS 0.4%CVE-2023-39405—Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps EPSS 0.4%CVE-2022-48605—Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality, integEPSS 0.4%CVE-2026-53492HIGHcontainerd CRI checkpoint restore CDI annotation smugglingEPSS 0.4%