Weaknesses of type CWE-20
4,753 resultsCVE-2022-1242HIGHApport can be tricked into connecting to arbitrary sockets as the root userEPSS 0.2%CVE-2026-9880HIGHInsufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2025-24504MEDIUMAn improper input validation the CSRF filter results in unsanitized user input written to the application logs.EPSS 0.2%CVE-2022-27843MEDIUMDLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.EPSS 0.2%CVE-2025-7507MEDIUMelink – Embed Content <= 1.1.0 - Authenticated (Contributor+) Insufficient Input ValidationEPSS 0.2%CVE-2023-25951MEDIUMImproper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileEPSS 0.2%CVE-2025-69278HIGHIn nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additionEPSS 0.2%CVE-2026-9885HIGHInsufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromisEPSS 0.2%CVE-2025-69279HIGHIn nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additionEPSS 0.2%CVE-2026-44204MEDIUMShelf: SQL Injection via sortBy ParameterEPSS 0.2%CVE-2026-9898HIGHInsufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compEPSS 0.2%CVE-2026-6180MEDIUMPaperCut MF: Card truncation on HP readersEPSS 0.2%CVE-2026-14429HIGHInsufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised theEPSS 0.2%CVE-2021-33108MEDIUMImproper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enEPSS 0.2%CVE-2022-24382MEDIUMImproper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via lEPSS 0.2%CVE-2022-27842MEDIUMDLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.EPSS 0.2%CVE-2025-43348MEDIUMA logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. AnEPSS 0.2%CVE-2026-12025MEDIUMInsufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromisedEPSS 0.2%CVE-2026-33369MEDIUMZimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operatioEPSS 0.2%CVE-2022-33945HIGHImproper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially EPSS 0.2%