Weaknesses of type CWE-20

4,753 results
CVE-2026-14022MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised EPSS 0.3%CVE-2024-51741MEDIUMRedis allows denial-of-service due to malformed ACL selectorsEPSS 0.3%CVE-2026-40162HIGHBugsink affected by authenticated arbitrary file write in artifactbundle/assembleEPSS 0.3%CVE-2026-13816MEDIUMInsufficient validation of untrusted input in File Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leaEPSS 0.3%CVE-2020-3201MEDIUMCisco IOS and IOS XE Software Tcl Denial of Service VulnerabilityEPSS 0.3%CVE-2024-52337MEDIUMTuned: improper sanitization of `instance_name` parameter of the `instance_create()` methodEPSS 0.3%CVE-2025-13428HIGHRCE in SecOps SOAR server via user-provided Python packagesEPSS 0.3%CVE-2019-1945MEDIUMCisco Adaptive Security Appliance Smart Tunnel VulnerabilitiesEPSS 0.3%CVE-2026-26161HIGHWindows Sensor Data Service Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-8391MEDIUMOther issue in the JavaScript Engine componentEPSS 0.3%CVE-2024-45612MEDIUMInsert tag injection via canonical URL in ContaoEPSS 0.3%CVE-2026-27306HIGHColdFusion | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2026-13829HIGHInsufficient validation of untrusted input in Settings in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had EPSS 0.3%CVE-2026-43935HIGHe107: Host Header Injection in e107 password reset enables phishingEPSS 0.3%CVE-2021-0161MEDIUMImproper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 anEPSS 0.3%CVE-2026-13900MEDIUMInappropriate implementation in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendereEPSS 0.3%CVE-2026-7712MEDIUMMindsDB Pickle pickle.loads deserializationEPSS 0.3%CVE-2020-13602MEDIUMRemote Denial of Service in LwM2M do_write_op_tlvEPSS 0.3%CVE-2024-1244CRITICALRemote code execution and local privilege escalation due to UNC access and NetNTLMv2 hash theftEPSS 0.3%CVE-2026-13834HIGHInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.3%