CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2023-2727 MEDIUM
kubernetes <1.24.14, 1.27.0-1.27.3 - ImagePolicyWebhook Bypass via Ephemeral Containers
CVSS 6.5
CVE-2023-35797 CRITICAL
Apache Airflow Hive Provider < 6.1.1 - Remote Code Execution via Principal Parameter
CVSS 9.8
CVE-2023-28324 CRITICAL
Ivanti Endpoint Manager < 2022 - Privilege Escalation or Remote Code Execution
CVSS 9.8
CVE-2023-22886 HIGH
Apache Airflow JDBC Provider < 4.0.0 - Remote Code Execution via JDBC Connection URL Parameter
CVSS 8.8
CVE-2023-21192 HIGH
Android 13 - Local Privilege Escalation via InputMethodManagerService Input Validation
CVSS 7.8
CVE-2023-20192 CRITICAL
Cisco Expressway Series - Privilege Escalation
CVSS 9.6
CVE-2023-20105 CRITICAL
Cisco Expressway Series/Cisco VCS - Privilege Escalation
CVSS 9.6
CVE-2023-3034 MEDIUM
BKG Professional NTRIP Caster <= 2.0.44 - Reflected Cross-Site Scripting via Admin Mode Parameter
CVSS 4.7
CVE-2023-26273 MEDIUM
IBM QRadar SIEM <7.5.0 - Privilege Escalation
CVSS 4.3
CVE-2023-35798 MEDIUM
Apache Airflow ODBC Provider < 4.0.0 and MSSQL Provider < 3.4.1 - Improper Input Validation in get_sqlalchemy_connection
CVSS 4.3
CVE-2023-34422 MEDIUM
Lenovo XClarity Administrator < 4.0.0 - Authenticated Directory Deletion via Web API
CVSS 6.5
CVE-2023-34421 MEDIUM
Lenovo XClarity Administrator < 4.0.0 - Authenticated Filesystem Data Replacement via Web API
CVSS 6.5
CVE-2023-35163 MEDIUM
Vega < 0.71.6 - Authenticated Event Reprocessing via Ethereum Bridge
CVSS 6.0
CVE-2023-25520 MEDIUM
NVIDIA Jetson Linux < 32.7.4 - Denial of Service via nvbootctrl Invalid Settings
CVSS 4.4
CVE-2023-32480 MEDIUM
Dell BIOS < 1.17.0 (Alienware M15 R7) - Unauthenticated Arbitrary Code Execution
CVSS 6.8
CVE-2023-28060 MEDIUM
Dell Alienware BIOS < 1.26.0 - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28058 MEDIUM
Dell Alienware BIOS < 1.26.0 - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28050 MEDIUM
Dell Alienware BIOS < 1.26.0 - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28044 MEDIUM
Dell Alienware BIOS Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28036 MEDIUM
Dell Alienware Area 51m R1 Firmware - Improper Input Validation
CVSS 5.1
CVE-2023-28034 MEDIUM
Dell Alienware BIOS < 1.26.0 - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28031 MEDIUM
Dell Alienware BIOS < 1.26.0 - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28027 MEDIUM
Dell Alienware BIOS < 1.26.0 (Area-51m R1) - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-28026 MEDIUM
Dell Alienware and Inspiron Firmware - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.1
CVE-2023-25938 MEDIUM
Dell Alienware Area 51m R1 Firmware - Improper Input Validation
CVSS 5.1
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits