Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2022-46701 HIGH

iOS <16.2- iPadOS <16.2 - macOS <Ventura 13.1 - tvOS <16.2 - RCE

CVE-2022-42837 CRITICAL

iPadOS 15.0-15.7.1 - Remote Code Execution via URL Parsing

CVE-2022-46768 MEDIUM

Zabbix Web Service < Port 10053 - Info Disclosure

CVE-2022-4504 HIGH

OpenEMR < 7.0.0.2 - Improper Input Validation

CVE-2022-43723 HIGH

SICAM PAS/PQS < V7.0 or >= 7.0 < V8.06 - DoS

CVE-2022-20470 HIGH

Android - Local Privilege Escalation via AppWidgetServiceImpl Input Validation Bypass

CVE-2022-46363 HIGH

Apache CXF <3.5.5-3.4.10 - Info Disclosure

CVE-2022-45871 MEDIUM

WithSecure Atlant - Denial of Service via ICAP Request Parsing

CVE-2022-45113 MEDIUM

Movable Type < 1.53 and 6.0-6.8.7 - Unauthenticated Phishing Attack via Reset Password Page

CVE-2022-33876 MEDIUM

Fortinet FortiADC <7.1.0 - Info Disclosure

CVE-2022-38123 HIGH

Secomea GateManager <10.0 - Code Injection

CVE-2022-24439 HIGH

GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL

CVE-2022-43515 MEDIUM

Zabbix Frontend 4.0.0-4.0.43 - Unauthenticated IP Restriction Bypass

CVE-2022-43484 HIGH

TERASOLUNA Global Framework 1.0.0-2.0.5.1 - Code Injection

CVE-2022-1471 HIGH

PyTorch Model Server Registration and Deserialization RCE

CVE-2022-40265 HIGH

Mitsubishielectric Rj71en71 Firmware < 65 - Improper Input Validation

CVE-2022-4186 MEDIUM

Google Chrome < 108.0.5359.71 - Download Restriction Bypass via Crafted HTML Page

CVE-2022-4033 MEDIUM

Quiz and Survey Master <8.0.4 - Auth Bypass

CVE-2022-4032 HIGH

Quiz and Survey Master <8.0.4 - Code Injection

CVE-2022-36960 HIGH

SolarWinds Orion Platform - Authenticated Privilege Escalation via Improper Input Validation

CVE-2022-41921 LOW

Discourse < 2.9.0.beta13 - Denial of Service via Unlimited Chat Message Length

CVE-2022-38900 HIGH

decode-uri-component 0.2.0 - Denial of Service via Improper Input Validation

CVE-2022-39346 LOW

Nextcloud Server < 22.2.10 - Denial of Service via Uncontrolled Display Name Length

CVE-2022-39338 LOW

nextcloud/openid_connect_user_backend < 1.2.1 - Stored Cross-Site Scripting via Discovery URL Validation

CVE-2022-40266 MEDIUM

Mitsubishi Electric GOT2000 Series GT27/GT25/GT23 Firmware < 01.39.000 - Authenticated Denial of Service via FTP Command

Previous Page 121 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy