Weaknesses of type CWE-20
4,752 resultsCVE-2026-2555LOWJeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserializationEPSS 0.3%CVE-2022-29213MEDIUMIncomplete validation in signal ops leads to crashes in TensorFlowEPSS 0.3%CVE-2025-24847MEDIUMImproper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an inEPSS 0.3%CVE-2026-49840CRITICALFreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsingEPSS 0.3%CVE-2022-22214MEDIUMJunos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crashEPSS 0.3%CVE-2026-24409HIGHiccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum<>::ParseXml()EPSS 0.3%CVE-2023-32641HIGHImproper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of sEPSS 0.3%CVE-2021-4041—A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansible_runner.interface.run_command, can lEPSS 0.3%CVE-2026-24411HIGHiccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml()EPSS 0.3%CVE-2023-24463MEDIUMImproper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an unauthenticated user to poEPSS 0.3%CVE-2026-24410HIGHiccDEV has Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic()EPSS 0.3%CVE-2024-41945LOWThe fuels-ts typescript SDK has no awareness of to-be-spent transactionsEPSS 0.3%CVE-2024-13798MEDIUMPost Grid and Gutenberg Blocks – ComboBlocks <= 2.3.5 - Unauthenticated Paid Order CreationEPSS 0.3%CVE-2025-5455HIGHPossible denial of service when passing malformed data in a URL to qDecodeDataUrlEPSS 0.3%CVE-2026-10992MEDIUMInsufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive EPSS 0.3%CVE-2026-21692HIGHiccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2026-10968HIGHInsufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compEPSS 0.3%CVE-2026-14631MEDIUMwebpack-dev-server vulnerable to denial of service via a malformed Host or Origin headerEPSS 0.3%CVE-2024-4175MEDIUMImproper Input Validation vulnerability in Hyperion Web ServerEPSS 0.3%CVE-2022-33719HIGHImproper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.EPSS 0.3%