Weaknesses of type CWE-20
4,752 resultsCVE-2026-21688HIGHiccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cppEPSS 0.3%CVE-2024-4353MEDIUMStored XSS in Generate Board Name Input FieldEPSS 0.3%CVE-2026-13806HIGHInsufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had comproEPSS 0.3%CVE-2026-21682HIGHiccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()EPSS 0.3%CVE-2026-21310MEDIUMAdobe Commerce | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2022-22230MEDIUMJunos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAsEPSS 0.3%CVE-2026-11047CRITICALInappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the reEPSS 0.3%CVE-2026-24811CRITICALAn improper pointer arithmetic in root-project/root at builtins/zlib/inffast.cEPSS 0.3%CVE-2021-0156HIGHImproper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation oEPSS 0.3%CVE-2025-43533MEDIUMThe issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS SeEPSS 0.3%CVE-2023-22329LOWImproper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of EPSS 0.3%CVE-2026-10966CRITICALInappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox esEPSS 0.3%CVE-2025-3162MEDIUMInternLM LMDeploy PT File utils.py load_weight_ckpt deserializationEPSS 0.3%CVE-2026-3641MEDIUMAppmax <= 1.0.3 - Missing Authorization to Order Status Manipulation and Arbitrary Order Creation via Webhook EndpointEPSS 0.3%CVE-2026-23489CRITICALFields GLPI plugin vulnerable to RCE in dropdown generationEPSS 0.3%CVE-2022-2868—libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacEPSS 0.3%CVE-2024-28028HIGHImproper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially eEPSS 0.3%CVE-2025-0660MEDIUMStored XSS in Folder Function by Rogue AdminEPSS 0.3%CVE-2025-57805HIGHThe Scratch Channel's Publish Articles POST Request Can Upload Articles Without ValidationEPSS 0.3%CVE-2026-14022MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised EPSS 0.3%