Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-34448 HIGH

Grav < 1.7.42 - Server-Side Template Injection via Twig map() and reduce() Functions

CVE-2023-30631 HIGH

Apache Traffic Server 8.0.0-9.2.0 - Improper Input Validation in PUSH Method Handling

CVE-2023-24937 MEDIUM

Windows CryptoAPI - Denial of Service via Improper Input Validation

CVE-2023-32032 MEDIUM

.NET 7.0.0-7.0.6 and Visual Studio 2022 17.0-17.0.21 - Elevation of Privilege

CVE-2023-32015 CRITICAL

Microsoft Windows Pragmatic General Multicast - Remote Code Execution

CVE-2023-29371 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Elevation of Privilege via GDI

CVE-2023-29359 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Elevation of Privilege via GDI

CVE-2023-29353 MEDIUM

Sysinternals Process Monitor for Windows - DoS

CVE-2023-2455 MEDIUM

PostgreSQL 11.0-11.19 - Incorrect Row Security Policy Application via Role Change

CVE-2023-2454 HIGH

PostgreSQL >=11.0 <11.20 - Authenticated Remote Code Execution via schema_element

CVE-2023-1888 HIGH

Directorist WordPress <=7.5.4 - Privilege Escalation

CVE-2023-34239 HIGH

Gradio < 3.34.0 - Path Traversal and Server-Side Request Forgery

CVE-2023-2961 LOW

advancecomp < 2.5 - Denial of Service via Segmentation Fault

CVE-2023-34111 HIGH

tdengine/grafana < 2023-05-22 - Remote Code Execution via GitHub Workflow Command Injection

CVE-2023-21657 HIGH

Qualcomm Audio Firmware - Memory Corruption

CVE-2023-21656 HIGH

Qualcomm WLAN HOST - Memory Corruption

CVE-2023-34102 HIGH

Avo Rails Admin < 2.33.3 - Polymorphic Field Remote Code Execution

CVE-2023-32690 MEDIUM

libspdm < 2.3.3 - Denial of Service via Unvalidated CTExponent in CAPABILITIES Response

CVE-2023-33964 HIGH

MultiversX <1.4.16 - Info Disclosure

CVE-2023-34152 CRITICAL

ImageMagick - Remote Code Execution via OpenBlob Pipe Handling

CVE-2023-0779 MEDIUM

Zephyr < 3.2.0 - NULL Pointer Dereference

CVE-2023-23754 MEDIUM

Joomla! 4.2.0-4.3.1 - Open Redirect and Cross-Site Scripting in MFA Selection Screen

CVE-2023-33182 NONE

Nextcloud Contacts 4.1.0-4.2.3 - Improper Input Validation in SVG Avatar Rendering

CVE-2023-2808 MEDIUM

Mattermost 5.34.0-7.1.9 - Link Preview Spoofing via UTF Confusable Characters

CVE-2023-2942 HIGH

OpenEMR < 7.0.1 - Improper Input Validation

Previous Page 104 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy