Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-21431 LOW

Bixby Vision < 3.7.70.17 - Unauthenticated Data Access via Improper Input Validation

CVE-2023-21428 MEDIUM

Samsung Android TelephonyUI - Improper Input Validation

CVE-2023-0751 MEDIUM

FreeBSD - Improper Input Validation in GELI Key File Handling

CVE-2023-0615 MEDIUM

Linux Kernel - Memory Leak and Integer Overflow in V4L2 vivid Test Code via VIDIOC_S_DV_TIMINGS ioctl

CVE-2023-20613 MEDIUM

Android - Local Privilege Escalation via Missing Bounds Check in ril

CVE-2023-20612 MEDIUM

Android - Local Privilege Escalation via Missing Bounds Check in ril

CVE-2023-20606 MEDIUM

Android - Out-of-bounds Read in apusys

CVE-2023-24493 MEDIUM

Tenable.sc < 5.23.1 - Authenticated Formula Injection via Report Export

CVE-2023-0284 MEDIUM

Tribe29 Checkmk <2.1.0p19, <2.0.0p32, <=1.6.0 - Info Disclosure

CVE-2023-0229 MEDIUM

github.com/openshift/apiserver-library-go - Privilege Escalation

CVE-2023-23560 CRITICAL

Lexmark B2236/B2338/B2442/B2546/B2650/B2865/B3340/B3442/C2240/C2325/C2326/C2425/C2535/C3224/C3326 Firmware SSRF

CVE-2023-0434 HIGH

pyload < 0.5.0b3.dev40 - Improper Input Validation

CVE-2023-20045 MEDIUM

Cisco Small Business RV160-260 - RCE

CVE-2023-20026 MEDIUM

Cisco Small Business RV016-325 - Command Injection

CVE-2023-20020 HIGH

Cisco BroadWorks 22.0-23.0.1075 Unauthenticated DoS via HTTP Request Parsing

CVE-2023-21607 HIGH

Adobe Acrobat Reader <22.003.20282 - RCE

CVE-2023-22734 MEDIUM

Shopware < 6.4.18.1 - Newsletter Double Opt-In Bypass

CVE-2023-22730 MEDIUM

Shopware < 6.4.18.1 - Cart Validator Bypass via Duplicate Line Item

CVE-2023-0299 CRITICAL

publify/publify <9.2.10 - Info Disclosure

CVE-2023-22496 HIGH

netdata < 1.37.0 - Remote Code Execution via Crafted Registry Hostname in Streaming Alert

CVE-2023-22470 LOW

Nextcloud Deck < 1.6.5 - Denial of Service via Database Error

CVE-2023-21596 HIGH

Adobe InCopy <= 17.4 and 18.0 - Arbitrary Code Execution via Malicious File

CVE-2023-21588 HIGH

Adobe InDesign <= 17.4 and 18.0 - Arbitrary Code Execution via Malicious File

CVE-2023-22491 HIGH

gatsby-transformer-remark <5.25.1 and 6.0.0-6.3.2 - JavaScript Injection via gray-matter Frontmatter Processing

CVE-2023-22952 HIGH KEV

SugarCRM unauthenticated Remote Code Execution (RCE)

Previous Page 113 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy