Weaknesses of type CWE-20
4,751 resultsCVE-2022-42800HIGHThis issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 EPSS 0.3%CVE-2025-26780HIGHAn issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a DenialEPSS 0.3%CVE-2026-38891HIGHAn improper input validation in the gazebo_ros_diff_drive.cpp component of gazebo_plugins v3.9.0 allows attackers to cause a Denial of ServiEPSS 0.3%CVE-2023-21596HIGHAdobe InCopy Improper Input Validation Remote Code Execution VulnerabilityEPSS 0.3%CVE-2024-7977HIGHInsufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege eEPSS 0.3%CVE-2026-22615MEDIUMDue to improper
input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is
possible for an attacker with admin privilEPSS 0.3%CVE-2023-25651MEDIUMSQL Injection Vulnerability in Some ZTE Mobile Internet ProductsEPSS 0.3%CVE-2024-12014LOWPath Traversal vulnerability in eSignaViewer Allow Unauthorized File AccessEPSS 0.3%CVE-2024-35384MEDIUMAn issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.EPSS 0.3%CVE-2014-0762—CG Automation ePAQ-9410 Substation Gateway Improper Input ValidationEPSS 0.3%CVE-2026-45678HIGHOpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloadsEPSS 0.3%CVE-2022-29192MEDIUMMissing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlowEPSS 0.3%CVE-2026-55602MEDIUMhttp-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypassEPSS 0.3%CVE-2025-0958MEDIUMUltimate WordPress Auction Plugin <= 4.2.9 - Missing Authorization to Arbitrary Post DeletionEPSS 0.3%CVE-2024-2536MEDIUMRank Math SEO with AI SEO Tools <= 1.0.214 - Authenticated(Contributor+) Stored Cross-Site Scripting via HowTo block attributesEPSS 0.3%CVE-2021-1432HIGHCisco IOS XE SD-WAN Software Arbitrary Command Execution VulnerabilityEPSS 0.3%CVE-2026-25126HIGHPolarLearn's unvalidated vote direction allows vote count manipulationEPSS 0.3%CVE-2014-2346—COPA-DATA zenon DNP3 Improper Input ValidationEPSS 0.3%CVE-2026-59724HIGHSocket.IO: Engine.IO WebTransport SID DoSEPSS 0.3%CVE-2025-40831HIGHA vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of dEPSS 0.3%