Weaknesses of type CWE-20
4,585 resultsCVE-2018-0419—A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote aEPSS 2.8%CVE-2021-36035CRITICALMagento Commerce Stock Media Improper Input Validation Could Lead To Remote Code ExecutionEPSS 2.8%CVE-2021-36025CRITICALMagento Commerce Customer Edition Improper Input Validation Could Lead To Remote Code ExecutionEPSS 2.8%CVE-2020-11999—FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ContEPSS 2.8%CVE-2019-5464—A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF wheEPSS 2.8%CVE-2023-36566MEDIUMMicrosoft Common Data Model SDK Denial of Service VulnerabilityEPSS 2.8%CVE-2023-35349CRITICALMicrosoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityEPSS 2.8%CVE-2024-0057CRITICALNET, .NET Framework, and Visual Studio Security Feature Bypass VulnerabilityEPSS 2.8%CVE-2022-24861CRITICALRemote Code Execution in DatabasirEPSS 2.8%CVE-2018-10927HIGHA flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak informationEPSS 2.8%CVE-2019-1741HIGHCisco IOS XE Software Encrypted Traffic Analytics Denial of Service VulnerabilityEPSS 2.8%CVE-2014-2357—SUBNET SubSTATION Server 2 Telegyr 8979 Master Protocol Improper Input ValidationEPSS 2.8%CVE-2019-11687HIGHAn issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b and continuing in current implementatEPSS 2.8%CVE-2018-12547—In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affEPSS 2.7%CVE-2021-42009—Apache Traffic Control Traffic Ops Email Injection VulnerabilityEPSS 2.7%CVE-2023-40062HIGHIncomplete List of Disallowed Inputs Remote Code Execution VulnerabilityEPSS 2.7%CVE-2023-47804—Apache OpenOffice: Macro URL arbitrary script executionEPSS 2.7%CVE-2020-15086CRITICALPotential Remote Code Execution in TYPO3 with mediace extensionEPSS 2.7%CVE-2022-42468CRITICALApache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSourceEPSS 2.7%CVE-2024-38095HIGH.NET and Visual Studio Denial of Service VulnerabilityEPSS 2.7%