Weaknesses of type CWE-20
4,753 resultsCVE-2026-28852MEDIUMA stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4EPSS 0.2%CVE-2021-1519MEDIUMCisco AnyConnect Secure Mobility Client Profile Modification VulnerabilityEPSS 0.2%CVE-2022-33709—Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch aEPSS 0.2%CVE-2026-11666MEDIUMInsufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofinEPSS 0.2%CVE-2026-14116MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a useEPSS 0.2%CVE-2022-33710—Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launcEPSS 0.2%CVE-2022-33708—Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch aEPSS 0.2%CVE-2025-46340HIGHMisskey CSS Style Injection Vulnerability In `MkUrlPreview`EPSS 0.2%CVE-2026-42390MEDIUMZONEMD validation can be bypassedEPSS 0.2%CVE-2024-25571MEDIUMImproper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable deniaEPSS 0.2%CVE-2025-6703LOWtransport/fc.rs: panic attempting to send MAX_DATA with value larger max varintEPSS 0.2%CVE-2026-10916MEDIUMInsufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromisedEPSS 0.2%CVE-2024-2746HIGHIncomplete fix for CVE-2024-1929EPSS 0.2%CVE-2026-21271HIGHDreamweaver Desktop | Improper Input Validation (CWE-20)EPSS 0.2%CVE-2026-29144HIGHUnicode Subject TagsEPSS 0.2%CVE-2026-21268HIGHDreamweaver Desktop | Improper Input Validation (CWE-20)EPSS 0.2%CVE-2021-26325—Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.EPSS 0.2%CVE-2024-29068MEDIUMsnapd non-regular file indefinite blocking readEPSS 0.2%CVE-2026-29141HIGHBounded Subject Tag SanitizationEPSS 0.2%CVE-2023-43745LOWImproper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial ofEPSS 0.2%