Weaknesses of type CWE-20

4,758 results
CVE-2026-13024MEDIUMInsufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromiEPSS 0.1%CVE-2026-8003MEDIUMInsufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spooEPSS 0.1%CVE-2025-0037MEDIUMIn AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow acEPSS 0.1%CVE-2025-71011MEDIUMAn input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allowsEPSS 0.1%CVE-2026-9986MEDIUMInsufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had cEPSS 0.1%CVE-2025-71009MEDIUMAn input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of SerEPSS 0.1%CVE-2025-20032HIGHImproper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to pEPSS 0.1%CVE-2026-28201HIGHSurrealDB Injection on Open NotebookEPSS 0.1%CVE-2025-20197MEDIUMA vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privilegEPSS 0.1%CVE-2024-38303MEDIUMDell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged aEPSS 0.1%CVE-2024-42424MEDIUMDell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attackeEPSS 0.1%CVE-2024-20394MEDIUMA vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DEPSS 0.1%CVE-2026-29791MEDIUMAgentgateway: Missing parameter sanitization in MCP to OpenAPI conversionEPSS 0.1%CVE-2025-21094HIGHImproper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to poEPSS 0.1%CVE-2026-4407LOWOut-of-bounds array write in Xpdf 4.06 due to missing validationEPSS 0.1%CVE-2024-39513MEDIUMJunos OS Evolved: Execution of a specific CLI command will cause a crash in the AFT managerEPSS 0.1%CVE-2024-6978MEDIUMCato Networks Windows SDP Client Local root certificates can be installed by low-privileged usersEPSS 0.1%CVE-2026-11126MEDIUMInappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicEPSS 0.1%CVE-2025-33191MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploiEPSS 0.1%CVE-2025-24308HIGHImproper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentEPSS 0.1%