Weaknesses of type CWE-20
4,586 resultsCVE-2019-9141HIGHZoneplayer ActiveX Remote Code Execution vulnerabilityEPSS 2.4%CVE-2022-25757—Apache APISIX: the body_schema check in request-validation plugin can be bypassedEPSS 2.4%CVE-2022-24775HIGHImproper Input Validation in guzzlehttp/psr7EPSS 2.4%CVE-2021-3943—A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code executiEPSS 2.4%CVE-2018-0260—A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents ofEPSS 2.4%CVE-2021-1147HIGHCisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1299HIGHCisco SD-WAN Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1148HIGHCisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1149HIGHCisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1298HIGHCisco SD-WAN Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1146HIGHCisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection VulnerabilitiesEPSS 2.4%CVE-2021-1150HIGHCisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection VulnerabilitiesEPSS 2.4%CVE-2018-0139—A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could EPSS 2.4%CVE-2024-1355CRITICALCommand injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement ConsoleEPSS 2.4%CVE-2017-6662—A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allEPSS 2.4%CVE-2021-25437—Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code exeEPSS 2.4%CVE-2018-8869—In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. A CVSS v3 base score of 9.8 has been calEPSS 2.3%CVE-2024-1378CRITICALCommand injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement ConsoleEPSS 2.3%CVE-2017-6763—A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacEPSS 2.3%CVE-2025-34115HIGHOP5 Monitor <= 7.1.9 Authenticated Command Execution via command_test.phpEPSS 2.3%