Weaknesses of type CWE-20

4,752 results
CVE-2025-10630MEDIUMRegex DoS in Grafana Zabbix PluginEPSS 0.3%CVE-2018-10497This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. AnEPSS 0.3%CVE-2025-27599MEDIUMElement X Android vulnerable to loading malicious web pages via received intentEPSS 0.3%CVE-2025-59535MEDIUMDotNetNuke.Core allows loading of unused themes on anonymous clients through query parametersEPSS 0.3%CVE-2023-44183MEDIUMJunos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur.EPSS 0.3%CVE-2025-23336MEDIUMNVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading aEPSS 0.3%CVE-2023-25859HIGHAdobe Illustrator Improper Input Validation Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-21679HIGHiccDEV has heap-buffer-overflow vulnerability in CIccLocalizedUnicode::GetText()EPSS 0.3%CVE-2021-0066HIGHImproper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 anEPSS 0.3%CVE-2021-20268An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF scrEPSS 0.3%CVE-2018-10499This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.EPSS 0.3%CVE-2026-3470LOWA vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowiEPSS 0.3%CVE-2023-39137An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing.EPSS 0.3%CVE-2025-63095MEDIUMImproper input validation in the BitstreamWriter::write_bits() function of Tempus Ex hello-video-codec v0.1.0 allows attackers to cause a DeEPSS 0.3%CVE-2026-32735LOWUnpacking Arbitrary Mustache Template Files via `maven-dependency-plugin`EPSS 0.3%CVE-2024-2751MEDIUMExclusive Addons for Elementor <= 2.6.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBoxEPSS 0.3%CVE-2025-66786HIGHOpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send maliEPSS 0.3%CVE-2026-54133CRITICALjmespath.php has CompilerRuntime code injection via unescaped function namesEPSS 0.3%CVE-2024-1534MEDIUMBooster for WooCommerce <= 7.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortocdeEPSS 0.3%CVE-2023-3456Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service cEPSS 0.3%