Weaknesses of type CWE-20
4,597 resultsCVE-2021-25434—Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using EPSS 1.7%CVE-2023-7163CRITICALD-Link D-View 8 Unauthenticated Probe-Core Server CommunicationEPSS 1.7%CVE-2018-10923HIGHIt was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated aEPSS 1.7%CVE-2020-3230HIGHCisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service VulnerabilityEPSS 1.7%CVE-2020-3516MEDIUMCisco IOS XE Software Web UI Improper Input Validation VulnerabilityEPSS 1.7%CVE-2018-19005—Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing EPSS 1.7%CVE-2024-49057HIGHMicrosoft Defender for Endpoint on Android Spoofing VulnerabilityEPSS 1.7%CVE-2023-30535HIGHSnowflake JDBC vulnerable to command injection via SSO URL authenticationEPSS 1.7%CVE-2023-40272HIGHApache Airflow Spark Provider Arbitrary File Read via JDBCEPSS 1.7%CVE-2017-12215—A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unautEPSS 1.7%CVE-2024-55020CRITICALA command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attEPSS 1.7%CVE-2020-3162HIGHCisco IoT Field Network Director Denial of Service VulnerabilityEPSS 1.7%CVE-2020-27833—A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafEPSS 1.7%CVE-2023-36821HIGHUptime Kuma vulnerable to authenticated remote code execution via malicious plugin installationEPSS 1.7%CVE-2024-43455HIGHWindows Remote Desktop Licensing Service Spoofing VulnerabilityEPSS 1.7%CVE-2021-40712MEDIUMAdobe Experience Manager Path parameter Improper Input Validation Could Lead To DOSEPSS 1.7%CVE-2018-1086MEDIUMpcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly EPSS 1.7%CVE-2020-8124—Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypasEPSS 1.7%CVE-2019-1831MEDIUMCisco Email Security Appliance Content Filter Bypass VulnerabilityEPSS 1.6%CVE-2023-46851—Apache Allura: sensitive information exposure via importEPSS 1.6%