Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-32305 HIGH

aiven-extras < 1.1.9 - Privilege Escalation via Unqualified Function Name Collision

CVE-2023-25927 MEDIUM

IBM Security Verify Access 10.0.0-10.0.5 - Denial of Service via Crafted HTTP Requests

CVE-2023-29246 HIGH

Apache OpenMeetings <7.1.0 - Privilege Escalation

CVE-2023-29195 MEDIUM

Vitess < 16.0.2 - Denial of Service via Shard Creation with Slash Characters

CVE-2023-29026 MEDIUM

Rockwell Automation's ArmorStart ST - XSS

CVE-2023-32075 MEDIUM

pimcore customer_management_framework < 3.3.9 - Business Logic Error via Conditions Tab Counter

CVE-2023-31162 MEDIUM

SEL RTAC Module Firmware r149-v0-r150-v2 - Authenticated Arbitrary File Write via Web Interface

CVE-2023-31161 MEDIUM

SEL RTAC Web Interface - Authenticated Improper Input Validation

CVE-2023-31149 CRITICAL

SEL RTAC Web Interface - Authenticated Remote Code Execution

CVE-2023-31148 CRITICAL

SEL RTAC Web Interface - Authenticated Remote Code Execution

CVE-2023-25776 MEDIUM

Intel Server System Firmware < 2.90 - Authenticated Information Disclosure via Improper Input Validation

CVE-2023-25772 MEDIUM

Intel Retail Edge Mobile Android < 3.0.301126-RELEASE - Authenticated Denial of Service via Local Access

CVE-2023-25175 MEDIUM

Intel Server Board BMC Firmware < 2.90 - Authenticated Information Disclosure via Improper Input Validation

CVE-2023-22379 MEDIUM

Intel(R) Server Board BMC <2.90 - Info Disclosure

CVE-2023-1732 MEDIUM

cloudflare/circl < 1.3.3 - Predictable Shared Secret via Insufficient Randomness Check

CVE-2023-29335 HIGH

Microsoft Word - Security Feature Bypass via Improper Input Validation

CVE-2023-24950 MEDIUM

Microsoft SharePoint Server - Spoofing

CVE-2023-28200 MEDIUM

iPadOS < 15.7.4 - Kernel Memory Disclosure via Input Validation Issue

CVE-2023-27961 MEDIUM

iPadOS < 15.7.4 - Information Exfiltration via Malicious Calendar Invitation

CVE-2023-31039 CRITICAL

Apache bRPC < 1.5.0 - Remote Code Execution via ServerOptions pid_file Parameter

CVE-2023-31047 CRITICAL

Django <3.2.19, <4.1.9, <4.2.1 - Auth Bypass

CVE-2023-30434 MEDIUM

IBM Storage Scale and Elastic Storage System - Denial of Service via Kernel Panic

CVE-2023-21504 MEDIUM

Samsung Android Shannon Baseband - Buffer Overflow in mm_Plmncoordination.c

CVE-2023-21503 MEDIUM

Samsung Android Shannon Baseband - Buffer Overflow in mm_LteInterRatManagement.c

CVE-2023-21502 MEDIUM

Samsung Android - Privilege Escalation via FactoryTest Debugging Commands

Previous Page 106 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy