Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-21501 HIGH

Samsung Android mPOS Fiserve Trustlet - Remote Code Execution

CVE-2023-21498 MEDIUM

Samsung Android - Memory Overwrite via mPOS TUI Trustlet setPartnerTAInfo

CVE-2023-21494 MEDIUM

Samsung Android Shannon Baseband - Buffer Overflow in mm_Authentication.c

CVE-2023-26125 MEDIUM

Gin-Gonic Gin <1.9.0 - Improper Input Validation

CVE-2023-0683 HIGH

Lenovo ThinkAgile HX Series Firmware - Authenticated Privilege Escalation via Crafted API Call

CVE-2023-0896 HIGH

Lenovo Smart Clock Essential with Alexa Built In Firmware < 90 - Unauthenticated Default Password Bypass

CVE-2023-26022 MEDIUM

IBM Db2 11.1-11.1.4 - Denial of Service via DBMS_OUTPUT Module

CVE-2023-26021 HIGH

IBM Db2 11.1-11.5 - Denial of Service via LIMIT Clause

CVE-2023-27555 MEDIUM

IBM Db2 11.5 - Denial of Service via ACR Client Affinity for Unfenced DRDA Federation Wrappers

CVE-2023-25930 MEDIUM

IBM Db2 10.1, 11.1, 11.5 - Denial of Service via Special Register Setting

CVE-2023-29255 HIGH

IBM DB2 10.5, 11.1, 11.5 - Denial of Service via Anonymous Block Compilation

CVE-2023-27559 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Subquery

CVE-2023-30269 HIGH

cltphp <=6.0 - Improper Input Validation in Template Controller

CVE-2023-29530 HIGH

Laminas Diactoros < 2.18.1 - Denial of Service via Newline in HTTP Header

CVE-2023-29780 HIGH

Third Reality Smart Blind 1.00.54 - Denial of Service via Malicious Zigbee Messages

CVE-2023-22916 HIGH

Zyxel USG FLEX/ATP/VPN Series Firmware 5.00-5.35 - DoS via Configuration Parser Input Sanitization Bypass

CVE-2023-22581 CRITICAL

White Rabbit Switch < 6.0.1 - OS Command Injection

CVE-2023-21092 HIGH

Android - Local Privilege Escalation via BroadcastReceiver Registration

CVE-2023-27043 MEDIUM

Python <3.11.3 - Info Disclosure

CVE-2023-29410 HIGH

Schneider Electric InsightHome, InsightFacility, Conext Gateway Firmware < 1.16 - Authenticated Remote Code Execution

CVE-2023-28856 MEDIUM

Redis < 6.0.19 - Authenticated Denial of Service via HINCRBYFLOAT Command

CVE-2023-28981 MEDIUM

Juniper Networks Junos OS <20.3R3-S5, <20.4R3-S3, <21.1 - DoS

CVE-2023-30542 MEDIUM

OpenZeppelin Contracts 4.3.0-4.8.2 - Improper Input Validation in GovernorCompatibilityBravo Proposal Creation

CVE-2023-30535 HIGH

Snowflake JDBC < 3.13.29 - Remote Code Execution via Malicious SSO URL

CVE-2023-29194 MEDIUM

Vitess < 16.0.1 - Denial of Service via Keyspace Name with Forward Slash

Previous Page 107 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy