Weaknesses of type CWE-20
4,752 resultsCVE-2025-66786HIGHOpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send maliEPSS 0.3%CVE-2022-21180MEDIUMImproper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local acEPSS 0.3%CVE-2024-2751MEDIUMExclusive Addons for Elementor <= 2.6.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBoxEPSS 0.3%CVE-2023-7012HIGHInsufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to instaEPSS 0.3%CVE-2026-22047HIGHiccDEV has heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cppEPSS 0.3%CVE-2026-14065MEDIUMInsufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromisedEPSS 0.3%CVE-2025-8097MEDIUMWoodMart - Multipurpose WooCommerce Theme <= 8.2.6 - Improper Input Validation Leading to Unauthenticated Cart ManipulationEPSS 0.3%CVE-2026-13926MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised EPSS 0.3%CVE-2026-45642LOWMicrosoft Azure Attestation service and Device Health Attestation Service Spoofing VulnerabilityEPSS 0.3%CVE-2025-3068HIGHInappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege esEPSS 0.3%CVE-2026-14023MEDIUMInsufficient validation of untrusted input in SanitizerAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same EPSS 0.3%CVE-2026-13924MEDIUMInsufficient validation of untrusted input in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had cEPSS 0.3%CVE-2026-13921MEDIUMInsufficient validation of untrusted input in DeviceBoundSessionCredentials in Google Chrome prior to 150.0.7871.47 allowed a remote attackeEPSS 0.3%CVE-2019-15265HIGHCisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service VulnerabilityEPSS 0.3%CVE-2026-13847MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leaEPSS 0.3%CVE-2025-43375HIGHThe issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.EPSS 0.3%CVE-2025-59940MEDIUMmkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholdersEPSS 0.3%CVE-2024-0045HIGHIn smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proxiEPSS 0.3%CVE-2023-7248MEDIUMOpenText Vertica Management console might be prone to bypass via crafted requestsEPSS 0.3%CVE-2022-29197MEDIUMMissing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin`EPSS 0.3%