Weaknesses of type CWE-20
4,752 resultsCVE-2026-21692HIGHiccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2026-11013MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2026-30760HIGHAn issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows attackers to manipulate arbitrary user data in the web app via a craftEPSS 0.3%CVE-2026-21485HIGHiccDEV Undefined Behavior (UB) and Out of Memory in CIccProfile::LoadTag()EPSS 0.3%CVE-2026-4519HIGHwebbrowser.open() allows leading dashes in URLsEPSS 0.3%CVE-2026-10968HIGHInsufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compEPSS 0.3%CVE-2026-14631MEDIUMwebpack-dev-server vulnerable to denial of service via a malformed Host or Origin headerEPSS 0.3%CVE-2026-35038LOWsignalk-server: Arbitrary Prototype Read via `from` Field BypassEPSS 0.3%CVE-2026-21693HIGHiccDEV has Type Confusion in CIccSegmentedCurveXml::ToXml() at IccXML/IccLibXML/IccMpeXml.cppEPSS 0.3%CVE-2021-0072MEDIUMImproper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in WinEPSS 0.3%CVE-2026-32168HIGHAzure Monitor Agent Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-32990MEDIUMApache Tomcat: Fix for CVE-2025-66614 is incompleteEPSS 0.3%CVE-2020-11850HIGHCross site scripting vulnerability in Self Service Password ResetEPSS 0.3%CVE-2022-27835HIGHImproper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.EPSS 0.3%CVE-2026-10920HIGHInsufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compEPSS 0.3%CVE-2026-10911HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2026-44518MEDIUMliboqs: XMSS Buffer Overread BugEPSS 0.3%CVE-2026-10917HIGHInsufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2026-28907HIGHThe issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOEPSS 0.3%CVE-2025-11273MEDIUMLaChatterie Verger provider.ts redirectToAuthorization deserializationEPSS 0.3%