CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2023-20532 MEDIUM
AMD EPYC 7002 Series Firmware - Denial of Service via SMU Resource Locking
CVSS 5.3
CVE-2023-20530 HIGH
AMD EPYC 7003 Series Firmware < milanpi_1.0.0.5 - Denial of Service via BIOS Mailbox Message Handling
CVSS 7.5
CVE-2023-20528 LOW
AMD EPYC 7002 Series Firmware - Unauthenticated Memory Exfiltration via I2C Bus
CVSS 2.4
CVE-2023-20527 MEDIUM
AMD EPYC 7002 Series Firmware - Denial of Service via ASP Bootloader Syscall Input Validation
CVSS 6.5
CVE-2023-20525 MEDIUM
AMD EPYC 7002 Series Firmware < romepi_100d - Denial of Service via ASP Bootloader Syscall Input Validation
CVSS 6.5
CVE-2023-20522 HIGH
AMD MilanPi and RomePi Firmware - Denial of Service via ASP Input Validation
CVSS 7.5
CVE-2023-22963 MEDIUM
personnummer < 3.0.3 - Improper Input Validation
CVSS 5.3
CVE-2023-21767 HIGH
Windows Overlay Filter < - Privilege Escalation
CVSS 7.8
CVE-2023-21749 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2023-21559 MEDIUM
Windows 10/11, Server 2019/2022 - Cryptographic Information Disclosure
CVSS 5.5
CVE-2023-21558 HIGH
Windows Error Reporting Service - Privilege Escalation
CVSS 7.8
CVE-2023-21550 MEDIUM
Windows 10/11 & Server 2019/2022 Cryptographic Information Disclosure
CVSS 5.5
CVE-2023-21540 MEDIUM
Windows 10 1809/20H2/21H2/22H2, Windows 11 21H2/22H2, Windows Server 2019/2022 - Cryptographic Information Disclosure
CVSS 5.5
CVE-2023-0139 MEDIUM
Google Chrome <109.0.5414.74 - CSRF
CVSS 6.5
CVE-2023-22898 MEDIUM
circl/pandora < 1.3.1 - Denial of Service via Deeply Nested ZIP Archive
CVSS 6.5
CVE-2023-22465 HIGH
http4s <1.0.0-M38 DoS via User-Agent and Server Header Parsing
CVSS 7.5
CVE-2023-22460 HIGH
go-ipld-prime < 0.19.0 - Denial of Service via JSON Encoder Bytes Token Panic
CVSS 7.5
CVE-2023-22452 MEDIUM
kenny2automate < a947d7c - Improper Input Validation in Server Settings Form
CVSS 6.5
CVE-2022-34159 HIGH
Huawei CV81-WDM Firmware - Denial of Service via Input Validation Vulnerability
CVSS 7.5
CVE-2022-32204 HIGH
Huawei CV81-WDM Firmware - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2022-32144 HIGH
Huawei CV81-WDM Firmware - Denial of Service via Insufficient Input Verification
CVSS 8.6
CVE-2022-2232 HIGH
Keycloak LDAP Federation < 23.0.1 - LDAP Injection via Username Lookup
CVSS 7.5
CVE-2022-23817 HIGH
ASP Secure OS - Privilege Escalation
CVSS 7.0
CVE-2022-1242 HIGH
Apport < 2.21.0 - Privilege Escalation via Arbitrary Socket Connection
CVSS 7.8
CVE-2022-24806 MEDIUM
net-snmp < 5.9.2 - Authenticated Improper Input Validation via Malformed OID SET Requests
CVSS 6.5
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits