Weaknesses of type CWE-20

4,749 results
CVE-2026-24407HIGHiccDEV has Undefined Behavior in icSigCalcOp()EPSS 0.4%CVE-2025-67484NONEAction API xslt option allows JavaScript execution by administrators who are not interface administratorsEPSS 0.4%CVE-2026-24404HIGHiccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType()EPSS 0.4%CVE-2023-40165HIGHUnauthorized gem replacement for full names ending in numbers on rubygems.orgEPSS 0.4%CVE-2018-0373A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for WindowEPSS 0.4%CVE-2025-6444MEDIUMServiceStack GetErrorResponse Improper Input Validation NTLM Relay VulnerabilityEPSS 0.4%CVE-2026-44325HIGHfree5GC: NRF POST /oauth2/token structured-form parser type-confusion panic family (Reflect.Set on incompatible types)EPSS 0.4%CVE-2021-26639HIGHWISA Smart Wing CMS File Download VulnerabilityEPSS 0.4%CVE-2025-11933LOWDoS Vulnerability in wolfSSL TLS 1.3 CKS ExtensionEPSS 0.4%CVE-2025-1088LOWVery long unicode dashboard title or panel name can hang the frontendEPSS 0.4%CVE-2023-23419HIGHWindows Resilient File System (ReFS) Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-6073MEDIUMDoS and Control of Volume Settings for VW ID.3 ICAS3 IVI ECUEPSS 0.4%CVE-2026-23836CRITICALHotCRP vulnerable to remote code execution through formulasEPSS 0.4%CVE-2024-48918HIGHLack of Input Validation in RDS Light - Potential for Injection Attacks and Memory TamperingEPSS 0.4%CVE-2026-23886MEDIUMSwift W3C TraceContext has malformed HTTP header that can cause a crashEPSS 0.4%CVE-2022-47909MEDIUMLQL Injection in Livestatus HTTP headersEPSS 0.4%CVE-2017-14025An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identifiedEPSS 0.4%CVE-2021-1367MEDIUMCisco NX-OS Software Protocol Independent Multicast Denial of Service VulnerabilityEPSS 0.4%CVE-2018-15368Cisco IOS XE Software Privileged EXEC Mode Root Shell Access VulnerabilityEPSS 0.4%CVE-2026-47930HIGHColdFusion | Improper Input Validation (CWE-20)EPSS 0.4%