Weaknesses of type CWE-20
4,753 resultsCVE-2024-23294HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to cEPSS 0.3%CVE-2025-59886HIGHImproper input validation at one of the endpoints of Eaton xComfort ECI's
web interface, could lead into an attacker with network access tEPSS 0.3%CVE-2026-46679HIGHlibp2p: Memory DoS via subscription flood of unique topicsEPSS 0.3%CVE-2025-57835HIGHAn issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330EPSS 0.3%CVE-2026-26935MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2025-5992LOWPassing values outside of expected range to QColorTransferGenericFunction can cause a denial of serviceEPSS 0.3%CVE-2026-49475HIGHFreeSWITCH: Out-of-bounds memory access in core STUN attribute parsingEPSS 0.3%CVE-2026-13856HIGHInsufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had coEPSS 0.3%CVE-2022-3388HIGHInput Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 ProductsEPSS 0.3%CVE-2022-48321MEDIUMSSRF in agent-receiver APIEPSS 0.3%CVE-2026-13824HIGHInsufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendEPSS 0.3%CVE-2026-13813HIGHInsufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2026-48108MEDIUMRussh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner inputEPSS 0.3%CVE-2025-15358HIGHDVP-12SE11T - Denial of Service VulnerabilityEPSS 0.3%CVE-2026-11120CRITICALInsufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who hadEPSS 0.3%CVE-2025-12907HIGHInsufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrarEPSS 0.3%CVE-2026-11095CRITICALInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.3%CVE-2026-14382CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially performEPSS 0.3%CVE-2025-1440MEDIUMAdvanced iFrame <= 2024.5 - Unauthenticated Settings UpdateEPSS 0.3%CVE-2026-11113CRITICALInsufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%