Weaknesses of type CWE-20
4,746 resultsCVE-2025-71007HIGHAn input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) vEPSS 0.4%CVE-2026-53492HIGHcontainerd CRI checkpoint restore CDI annotation smugglingEPSS 0.4%CVE-2025-5326MEDIUMzhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 verifyToken deserializationEPSS 0.4%CVE-2022-43562LOWHost Header Injection in Splunk EnterpriseEPSS 0.4%CVE-2025-0424MEDIUMMultiple Authenticated Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-11346MEDIUMILIAS Base64 Decoding unserialize deserializationEPSS 0.4%CVE-2026-10904HIGHInappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandEPSS 0.4%CVE-2026-26156HIGHWindows Hyper-V Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-45636HIGHWindows NTFS Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-29909MEDIUMMRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpointEPSS 0.4%CVE-2026-48288LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.4%CVE-2025-49081MEDIUMInput validation vulnerability in the Secure Access prior to version 13.55EPSS 0.4%CVE-2025-15284MEDIUMarrayLimit bypass in bracket notation allows DoS via memory exhaustionEPSS 0.4%CVE-2022-35964MEDIUMSegfault in `BlockLSTMGradV2` in TensorFlowEPSS 0.4%CVE-2023-24062MEDIUMDiebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory strucEPSS 0.4%CVE-2020-16127LOWaccountsservice .pam_environment infinite loopEPSS 0.4%CVE-2023-0881HIGHDDoS in Ubuntu package linux-bluefieldEPSS 0.4%CVE-2025-5552MEDIUMChestnutCMS API Endpoint exec deserializationEPSS 0.4%CVE-2022-35967MEDIUMSegfault in `QuantizedAdd` in TensorFlowEPSS 0.4%CVE-2022-35972MEDIUMSegfault in `QuantizedBiasAdd` in TensorFlowEPSS 0.4%