CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-3075 CRITICAL KEV
Google Chrome <105.0.5195.102 - RCE
CVSS 9.6
CVE-2022-2856 MEDIUM KEV
Google Chrome <104.0.5112.101 - XSS
CVSS 6.5
CVE-2022-35893 HIGH
InsydeH2O <5.5 - Privilege Escalation
CVSS 8.2
CVE-2022-32797 HIGH
macOS - Denial of Service and Memory Disclosure via Malicious AppleScript Binary
CVSS 7.1
CVE-2022-32786 MEDIUM
macOS - Unprotected User Data Exposure via Environment Variable Handling
CVSS 5.5
CVE-2022-32226 MEDIUM
Rocket.Chat < 4.7.5 - Improper Access Control via MongoDB Query Operator Injection
CVSS 4.3
CVE-2022-26707 MEDIUM
macOS Monterey <12.4 - Info Disclosure
CVSS 5.5
CVE-2022-22423 MEDIUM
IBM Common Cryptographic Architecture 5.0.0-5.7.11 and 7.0.0-7.3.43 - Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2022-35252 LOW
curl < 7.85.0 - Denial of Service via Cookie Control Code Injection
CVSS 3.7
CVE-2022-24280 MEDIUM
Apache Pulsar Proxy <=2.9.1 Authenticated TCP/IP Connection Spoofing
CVSS 6.5
CVE-2022-35896 MEDIUM
Insyde InsydeH2O 5.0-5.5 - SMM Memory Leak via FvbServicesRuntimeDxe Driver
CVSS 6.0
CVE-2022-37395 HIGH
Huawei CV81-WDM FW 01.70.49.29.46 - Denial of Service via Input Validation Bypass
CVSS 7.5
CVE-2022-23766 HIGH
BigFileAgent < 1.0.1.9 - Arbitrary File Execution via Improper Input Validation
CVSS 7.8
CVE-2022-36027 MEDIUM
TensorFlow < 2.7.2 - Denial of Service via Transposed Convolution Weight Quantization
CVSS 5.9
CVE-2022-36017 MEDIUM
TensorFlow < 2.7.2 - Denial of Service via Requantize Input Validation
CVSS 5.9
CVE-2022-35986 MEDIUM
TensorFlow < 2.7.2 - Denial of Service via Empty Splits Tensor in RaggedBincount
CVSS 5.9
CVE-2022-35982 MEDIUM
TensorFlow < 2.7.2 - Denial of Service via SparseBincount Invalid Input
CVSS 5.9
CVE-2022-35979 MEDIUM
TensorFlow < 2.7.2 - Denial of Service via QuantizedRelu/QuantizedRelu6 Non-Scalar Inputs
CVSS 5.9
CVE-2022-35974 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizeDownAndShrinkRange Input Validation
CVSS 5.9
CVE-2022-35973 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizedMatMul Non-Scalar Input
CVSS 5.9
CVE-2022-35972 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizedBiasAdd Input Validation
CVSS 5.9
CVE-2022-35970 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizedInstanceNorm x_min/x_max Tensors
CVSS 5.9
CVE-2022-35967 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizedAdd Input Validation
CVSS 5.9
CVE-2022-35966 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via QuantizedAvgPool Input Validation
CVSS 5.9
CVE-2022-35964 MEDIUM
TensorFlow 2.7.0-2.7.1 - Denial of Service via BlockLSTMGradV2 Input Validation
CVSS 5.9
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits