Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-32695 HIGH

socket.io-parser 3.4.0-3.4.2 and 4.0.4-4.2.2 - Denial of Service via Crafted Socket.IO Packet

CVE-2023-32688 MEDIUM

parse-server-push-adapter < 4.1.3 - Denial of Service via Invalid Push Notification Payload

CVE-2023-32321 CRITICAL

CKAN 2.9.0-2.9.8 - Remote Code Execution via ResourceUploader Arbitrary File Write

CVE-2023-21516 HIGH

Samsung Galaxy Store < 4.5.49.8 - Cross-Site Scripting via InstantPlay

CVE-2023-21515 HIGH

Samsung Galaxy Store < 4.5.49.8 - Remote Code Execution via InstantPlay JavaScript Injection

CVE-2023-21514 HIGH

Samsung Galaxy Store < 4.5.49.8 - Arbitrary APK Installation via InstantPlay Deeplink Scheme Validation Bypass

CVE-2023-32323 MEDIUM

Synapse <= 1.73 - Denial of Service via Oversized invite_room_state Field

CVE-2023-2868 CRITICAL KEV

Barracuda Email Security Gateway <9.2.0.006 - Command Injection

CVE-2023-30440 MEDIUM

IBM PowerVM Hypervisor FW860.00-FW1030.10 - DoS and Arbitrary Data Corruption via SRIOV

CVE-2023-28649 HIGH

Snap One OvrC - Privilege Escalation

CVE-2023-20182 MEDIUM

Cisco DNA Center - Privilege Escalation

CVE-2023-20172 MEDIUM

Cisco Identity Services Engine - Authenticated Arbitrary File Delete and Read

CVE-2023-20171 MEDIUM

Cisco Identity Services Engine - Authenticated Arbitrary File Delete and Read

CVE-2023-21111 MEDIUM

Android - Local Denial of Service via PhoneAccountRegistrar Input Validation

CVE-2023-20722 MEDIUM

Android - Local Privilege Escalation via m4u Improper Input Validation

CVE-2023-20721 MEDIUM

Android - Local Privilege Escalation via ISP Improper Input Validation

CVE-2023-20720 MEDIUM

Android - Out-of-Bounds Read in pqframework

CVE-2023-20719 MEDIUM

Android - Out-of-bounds Read in pqframework

CVE-2023-20718 MEDIUM

Android - Out-of-Bounds Write in VCU due to Missing Bounds Check

CVE-2023-20710 MEDIUM

Android - Local Information Disclosure via Missing Bounds Check in keyinstall

CVE-2023-20709 MEDIUM

Android - Local Information Disclosure via Missing Bounds Check in keyinstall

CVE-2023-20708 MEDIUM

Android - Out-of-Bounds Read in Keyinstall

CVE-2023-20707 MEDIUM

Android - Local Privilege Escalation via Missing Bounds Check in ril

CVE-2023-20705 MEDIUM

Android - Local Information Disclosure via Missing Bounds Check in APU

CVE-2023-20704 MEDIUM

Android - Local Information Disclosure via Missing Bounds Check in APU

Previous Page 105 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy