Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-30448 MEDIUM

IBM DB2 10.5, 11.1, 11.5 - Denial of Service via Specially Crafted Query

CVE-2023-30447 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Specially Crafted Query

CVE-2023-30446 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Specially Crafted Query

CVE-2023-30445 HIGH

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Specially Crafted Query

CVE-2023-30442 MEDIUM

IBM Db2 11.1 and 11.5 - Denial of Service via Crafted Wrapper Options

CVE-2023-28955 MEDIUM

IBM Watson Knowledge Catalog <4.0 - DoS

CVE-2023-1183 MEDIUM

LibreOffice < 7.4.6 - Path Traversal and Arbitrary File Write via ODB Script Command

CVE-2023-0359 MEDIUM

Zephyr < 3.2.0 - Null Pointer Dereference in handle_ra_input

CVE-2023-36462 MEDIUM

Mastodon 2.6.0-3.5.8 - URL Spoofing via Verified Profile Link Formatting

CVE-2023-3456 MEDIUM

Huawei EMUI and HarmonyOS - Kernel Raw Address Leakage in Hang Detector Module

CVE-2023-37241 HIGH

Huawei EMUI and HarmonyOS - Denial of Service via WMS API Input Verification Vulnerability

CVE-2023-30664 HIGH

Samsung Android - Privilege Escalation via RegisteredMSISDN Input Validation

CVE-2023-30663 MEDIUM

Samsung Android - Out-Of-Bounds Write via OemPersonalizationSetLock in libsec-ril

CVE-2023-30659 MEDIUM

Samsung Android - Privilege Escalation via Transaction Input Validation

CVE-2023-30658 HIGH

Samsung Android - Privilege Escalation via DataProfile Input Validation

CVE-2023-30657 MEDIUM

Samsung Android - Privilege Escalation via EnhancedAttestationResult Input Validation

CVE-2023-30656 HIGH

Samsung Android - Improper Input Validation in LSOItemData

CVE-2023-30655 HIGH

Samsung Android - Improper Input Validation in SCEPProfile

CVE-2023-36821 HIGH

Uptime Kuma <1.22.1 - Authenticated RCE

CVE-2023-35936 MEDIUM

pandoc 1.13-3.1.3 - Arbitrary File Write via Crafted Image Element

CVE-2023-34457 MEDIUM

MechanicalSoup < 1.3.0 - Arbitrary File Read via Malicious HTML Form File Input

CVE-2023-34150 MEDIUM

Apache Any23 < 2.7 - Denial of Service via TikaEncodingDetector

CVE-2023-21631 HIGH

Qualcomm Modem Firmware - Improper Input Validation in LTE Security Mode Command Processing

CVE-2023-25522 HIGH

NVIDIA DGX A100/A800 Firmware < 1.21 - DoS, Info Disclosure, Data Tampering via SBIOS

CVE-2023-2728 MEDIUM

kubernetes <1.24.14, 1.27.0-1.27.2 - Policy Bypass via Ephemeral Container Mountable Secrets

Previous Page 101 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy