Weaknesses of type CWE-20

4,753 results
CVE-2025-43293MEDIUMThe issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An appEPSS 0.2%CVE-2026-34442MEDIUMFreeScout: Host Header Injection Leading to External Resource Loading and Open Redirect in FreeScoutEPSS 0.2%CVE-2022-35893HIGHAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxeEPSS 0.2%CVE-2026-13939LOWInsufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had EPSS 0.2%CVE-2026-0410LOWInsufficient input validation in certain NETGEAR routersEPSS 0.2%CVE-2021-3038MEDIUMGlobalProtect App: Windows VPN kernel driver denial of service (DoS)EPSS 0.2%CVE-2026-8516MEDIUMInsufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced EPSS 0.2%CVE-2025-7375MEDIUMUnauthenticated Denial-of-Service Vulnerability in Omada EAP610EPSS 0.2%CVE-2026-53723MEDIUMguzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA TerminatorEPSS 0.2%CVE-2025-67170MEDIUMA reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user'sEPSS 0.2%CVE-2024-56437MEDIUMVulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability maEPSS 0.2%CVE-2023-49615HIGHImproper input validation in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potenEPSS 0.2%CVE-2026-31251HIGHCosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in EPSS 0.2%CVE-2026-11689HIGHInsufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the rendEPSS 0.2%CVE-2022-36873MEDIUMImproper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC addressEPSS 0.2%CVE-2023-32469HIGH Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privilegesEPSS 0.2%CVE-2026-27443HIGHS/MIME Decryption Tag Sanitization BypassEPSS 0.2%CVE-2026-33471CRITICALnimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncationEPSS 0.2%CVE-2026-22220MEDIUMImproper Input Validation Leading to DoS on TP-Link Archer BE230EPSS 0.2%CVE-2023-42776LOWImproper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potenEPSS 0.2%