Weaknesses of type CWE-20

4,753 results
CVE-2024-5681HIGHCWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kerneEPSS 0.2%CVE-2026-33729MEDIUMOpenFGA has an Authorization Bypass through cached keysEPSS 0.2%CVE-2026-14115HIGHInsufficient validation of untrusted input in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2026-27818HIGHTerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlistEPSS 0.2%CVE-2021-36283HIGHDell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerabiliEPSS 0.2%CVE-2023-34431HIGHImproper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilEPSS 0.2%CVE-2026-46357MEDIUMHAX CMS NodeJS application Vulnerable to Denial of Service using Malicious Import RequestEPSS 0.2%CVE-2024-55655LOWsigstore-python has insufficient validation of integration timestamp during verificationEPSS 0.2%CVE-2026-41727MEDIUMIn Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behaviorEPSS 0.2%CVE-2026-26952MEDIUMPi-hole Web Interface has Stored HTML Injection via Local DNS Records (CNAME/Hosts) in data-tag AttributeEPSS 0.2%CVE-2026-34773MEDIUMElectron: Registry key path injection in app.setAsDefaultProtocolClient on WindowsEPSS 0.2%CVE-2024-54011MEDIUMMissing Error/Exception HandlingEPSS 0.2%CVE-2020-12961A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the EPSS 0.2%CVE-2022-1108MEDIUMA potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could beEPSS 0.2%CVE-2024-9875HIGHOkta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo commEPSS 0.2%CVE-2024-31965MEDIUMA vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 ConferenEPSS 0.2%CVE-2024-24582HIGHImproper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable eEPSS 0.2%CVE-2026-34207HIGHTypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request ValidationEPSS 0.2%CVE-2022-30712HIGHImproper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.2%CVE-2024-25010HIGHEricsson RAN Compute and Site Controller 6610 - Improper Input Validation VulnerabilityEPSS 0.2%