Weaknesses of type CWE-20

4,752 results
CVE-2025-56404HIGHAn issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks uEPSS 0.3%CVE-2025-63397MEDIUMImproper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code dEPSS 0.3%CVE-2026-32149HIGHWindows Hyper-V Remote Code Execution VulnerabilityEPSS 0.3%CVE-2022-29193MEDIUMMissing validation causes `TensorSummaryV2` in TensorFlow to crashEPSS 0.3%CVE-2022-29207MEDIUMUndefined behavior when users supply invalid resource handles in TensorFlowEPSS 0.3%CVE-2022-29199MEDIUMMissing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix`EPSS 0.3%CVE-2025-13805MEDIUMnutzam NutzBoot LiteRpc-Serializer HttpServletRpcEndpoint.java getInputStream deserializationEPSS 0.3%CVE-2025-8571MEDIUMConcrete CMS 9 through 9.4.2 and below 8.5.21 is vulnerable to Reflected Cross-Site Scripting (XSS) in Conversation Messages Dashboard PageEPSS 0.3%CVE-2022-29195MEDIUMMissing validation causes denial of service in TensorFlow via `StagePeek`EPSS 0.3%CVE-2025-0514HIGHExecutable hyperlink Windows path targets executed unconditionally on activationEPSS 0.3%CVE-2022-29196MEDIUMMissing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`EPSS 0.3%CVE-2022-29200MEDIUMMissing validation causes denial of service in TensorFlow via `LSTMBlockCell`EPSS 0.3%CVE-2022-29198MEDIUMMissing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`EPSS 0.3%CVE-2025-15453MEDIUMmilvus HTTP Endpoint expr.go expr.Exec deserializationEPSS 0.3%CVE-2025-24299HIGHImproper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an esEPSS 0.3%CVE-2022-29212MEDIUMCore dump when loading TFLite models with quantization in TensorFlowEPSS 0.3%CVE-2026-13928HIGHInsufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilEPSS 0.3%CVE-2026-13934CRITICALInsufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compEPSS 0.3%CVE-2022-29202MEDIUMDenial of service in TensorFlow due to lack of validation in `tf.ragged.constant`EPSS 0.3%CVE-2026-13817HIGHInsufficient validation of untrusted input in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform EPSS 0.3%