Weaknesses of type CWE-20
4,583 resultsCVE-2020-12029CRITICALRockwell Automation FactoryTalk View SEEPSS 45.0%CVE-2021-43803HIGHUnexpected server crash in Next.jsEPSS 44.8%CVE-2023-21818HIGHWindows Secure Channel Denial of Service VulnerabilityEPSS 43.2%CVE-2018-25031MEDIUMSwagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attEPSS 42.3%CVE-2013-6282HIGHThe (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addEPSS 39.7%KEVCVE-2019-1936HIGHCisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection VulnerabilityEPSS 39.5%CVE-2020-3240CRITICALMultiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big DataEPSS 38.7%CVE-2024-2756MEDIUM__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fixEPSS 37.9%CVE-2023-26067HIGHCertain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).EPSS 37.8%CVE-2017-12285—A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbEPSS 37.2%CVE-2023-22496HIGHNetdata vulnerable to command injection EPSS 36.2%CVE-2024-39573HIGHApache HTTP Server: mod_rewrite proxy handler substitutionEPSS 35.4%CVE-2025-1097HIGHingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotationEPSS 34.7%CVE-2022-28127HIGHA data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted networkEPSS 34.6%CVE-2026-6973HIGHAn Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with adminEPSS 34.5%KEVCVE-2015-2177HIGHSiemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TEPSS 34.4%CVE-2023-24033HIGHThe Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly checEPSS 34.3%CVE-2022-42340HIGHAdobe ColdFusion Improper Input Validation Arbitrary file system readEPSS 33.8%CVE-2024-22476CRITICALImproper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially EPSS 33.4%CVE-2020-8195MEDIUMImproper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 andEPSS 33.3%KEV