Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-26388 HIGH

Adobe Substance 3D Stager <2.0.1 - Code Injection

CVE-2023-26407 HIGH

Adobe Acrobat Reader <23.001.20093,20.005.30441 - RCE

CVE-2023-26405 HIGH

Adobe Acrobat Reader <23.001.20093,20.005.30441 - RCE

CVE-2023-28304 HIGH

Microsoft ODBC 17.0-17.10.3.1 and OLE DB 18.0-18.6.5 - Remote Code Execution

CVE-2023-28302 HIGH

Microsoft Windows MSMQ - Denial of Service via Improper Input Validation

CVE-2023-28301 LOW

Microsoft Edge < 112.0.1722.34 - Tampering Vulnerability

CVE-2023-28291 HIGH

Raw Image Extension < 2.1.60611.0 - Remote Code Execution

CVE-2023-28274 HIGH

Windows 10/11 & Server 2019/2022 Win32k Elevation of Privilege

CVE-2023-24893 HIGH

Visual Studio Code < 1.77.0 - Remote Code Execution

CVE-2023-23375 HIGH

Microsoft ODBC 17.0-17.10.3.0 and OLE DB 18.0-18.6.4 - Remote Code Execution

CVE-2023-21554 CRITICAL

CVE-2023-21554 - QueueJumper - MSMQ RCE Check

CVE-2023-26293 HIGH

TIA Portal <V16.7, <V17.6, <V18.1 - Path Traversal

CVE-2023-26070 CRITICAL

Lexmark <2023-02-19 - Info Disclosure

CVE-2023-26069 CRITICAL

Lexmark <2023-02-19 - Info Disclosure

CVE-2023-26068 CRITICAL

Lexmark Device Embedded Web Server RCE

CVE-2023-26067 HIGH

Lexmark <2023-02-19 - Info Disclosure

CVE-2023-30450 MEDIUM

Redpanda < 23.1.2 - Improper Input Validation in rpk RPC Server TLS Configuration

CVE-2023-28710 HIGH

Apache Airflow Spark Provider <4.0.1 - Info Disclosure

CVE-2023-28707 HIGH

Apache Airflow Drill Provider <2.3.2 - Info Disclosure

CVE-2023-20103 MEDIUM

Cisco Secure Network Analytics - RCE

CVE-2023-20134 MEDIUM

Cisco Webex Meetings - Authenticated Stored Cross-Site Scripting and Arbitrary File Upload

CVE-2023-20132 MEDIUM

Cisco Webex Meetings - Authenticated Stored Cross-Site Scripting and Arbitrary File Upload

CVE-2023-27496 MEDIUM

Envoy < 1.22.9 - Denial of Service via OAuth Filter State Parameter Omission

CVE-2023-27493 HIGH

Envoy < 1.22.9 - HTTP Request Smuggling via Unsanitized Request Headers

CVE-2023-27491 MEDIUM

envoyproxy/envoy < 1.22.9 - HTTP Request Smuggling via Malformed Request Lines

Previous Page 108 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy