Weaknesses of type CWE-20
4,588 resultsCVE-2019-12663MEDIUMCisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service VulnerabilityEPSS 1.8%CVE-2023-39553HIGHApache Airflow Drill Provider Arbitrary File Read VulnerabilityEPSS 1.8%CVE-2024-43611HIGHWindows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityEPSS 1.8%CVE-2014-2345—COPA-DATA zenon DNP3 Improper Input ValidationEPSS 1.8%CVE-2023-32462CRITICAL
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authenticatioEPSS 1.8%CVE-2020-11261HIGHMemory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, EPSS 1.8%KEVCVE-2018-0117—A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software cEPSS 1.8%CVE-2019-1817HIGHCisco Web Security Appliance Malformed Request Denial of Service VulnerabilityEPSS 1.8%CVE-2019-1891HIGHCisco Small Business Series Switches HTTP Denial of Service VulnerabilityEPSS 1.8%CVE-2021-35995LOWAdobe After Effects MP4 File Parsing Uninitialized Variable Information Disclosure VulnerabilityEPSS 1.8%CVE-2019-1968MEDIUMCisco NX-OS Software NX-API Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3309MEDIUMCisco Firepower Device Manager On-Box Software Arbitrary File Overwrite VulnerabilityEPSS 1.8%CVE-2020-36195CRITICALSQL Injection Vulnerability in Multimedia Console and the Media Streaming Add-OnEPSS 1.8%CVE-2021-1506CRITICALCisco SD-WAN vManage Software VulnerabilitiesEPSS 1.8%CVE-2025-34132CRITICALLILIN DVR Command Injection via NTPUpdate in dvr_boxEPSS 1.8%CVE-2021-36006LOWAdobe Photoshop MP4 File Parsing Uninitialized Variable Information Disclosure VulnerabilityEPSS 1.8%CVE-2019-11255MEDIUMKubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutationEPSS 1.7%CVE-2024-30054MEDIUMMicrosoft Power BI Client JavaScript SDK Information Disclosure VulnerabilityEPSS 1.7%CVE-2020-3302MEDIUMCisco Firepower Management Center File Overwrite VulnerabilityEPSS 1.7%CVE-2017-2617HIGHhawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a craEPSS 1.7%