CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-46303 HIGH
Tribe29 Checkmk <2.1.0p10-<1.6.0p29 - Command Injection
CVSS 8.0
CVE-2022-43929 MEDIUM
IBM Db2 11.1 and 11.5 - Denial of Service via Load Command
CVSS 4.9
CVE-2022-33964 HIGH
Intel(R) SUR <2.4.8902 - Privilege Escalation
CVSS 7.4
CVE-2022-33190 HIGH
Intel(R) SUR <2.4.8902 - Privilege Escalation
CVSS 7.1
CVE-2022-29494 MEDIUM
Intel OpenBMC < egs-0.91-179 and < bhs-04-45 - Authenticated Denial of Service via Network Input
CVSS 6.5
CVE-2022-26837 HIGH
Intel(R) Processors - Privilege Escalation
CVSS 7.5
CVE-2022-27897 MEDIUM
Palantir Gotham < 3.22.11.2 - Unauthenticated Denial of Service via Malicious Zip File Upload
CVSS 5.3
CVE-2022-27892 MEDIUM
Palantir Gotham < 3.22.11.2 - Unauthenticated Denial of Service via Memory Exhaustion
CVSS 5.3
CVE-2022-31808 HIGH
SiPass integrated ACC-AP/AC5102 < 2.85.43/2.85.44 - Authenticated Privilege Escalation via Telnet CLI
CVSS 7.8
CVE-2022-45725 HIGH
Comfast CF-WR610N Firmware V2.3.1 - Remote Code Execution via HTTP POST Request
CVSS 8.8
CVE-2022-45088 CRITICAL
Group Arge Energy and Control Systems Smartpower Web < 23.01.01 - PHP Local File Inclusion via Improper Input Validation
CVSS 9.8
CVE-2022-40502 HIGH
Qualcomm CSR8811 and IPQ Firmware - Denial of Service via WLAN Host Input Validation
CVSS 7.5
CVE-2022-34146 HIGH
Qualcomm CSR8811 and IPQ Firmware - Denial of Service via WLAN Frame Defragmentation
CVSS 7.5
CVE-2022-33216 MEDIUM
Qualcomm Automotive Firmware - Denial of Service via ELF Parsing
CVSS 6.0
CVE-2022-25729 CRITICAL
Qualcomm AR8031 Firmware - Memory Corruption via Improper Length Check
CVSS 9.8
CVE-2022-38778 MEDIUM
decode-uri-component < 0.2.1 - Denial of Service via Improper Input Validation
CVSS 6.5
CVE-2022-34350 MEDIUM
IBM API Connect 10.0.0.0-10.0.5.0 - Server-Side Request Forgery via Improper Input Validation
CVSS 5.3
CVE-2022-44617 HIGH
libXpm < 3.5.15 - Denial of Service via Malformed XPM File
CVSS 7.5
CVE-2022-32482 MEDIUM
Dell BIOS - Authenticated UEFI Variable Modification via Improper Input Validation
CVSS 5.6
CVE-2022-34443 HIGH
Dell Rugged Control Center < 4.4.134 - Privilege Escalation via Service EndPoint
CVSS 7.8
CVE-2022-44644 MEDIUM
Apache Linkis <= 1.3.0 - Authenticated Arbitrary File Read via MySQL Connector/J JDBC Parameter
CVSS 6.5
CVE-2022-39060 CRITICAL
ChangingTech MegaServiSignAdapter - Info Disclosure
CVSS 9.8
CVE-2022-34885 HIGH
Motorola MR2600 Firmware < 1.0.18 - Authenticated Remote Code Execution
CVSS 7.2
CVE-2022-45770 HIGH
Adguard < 7.12 - Local Privilege Escalation via Improper Input Validation in adgnetworkwfpdrv.sys
CVSS 7.8
CVE-2022-47100 HIGH
Sengled ES21-N1EAW Firmware 0x0000024 - Unauthenticated Factory Reset via Crafted IEEE 802.15.4 Frame
CVSS 7.5
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits