CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-33209 HIGH
Intel(R) NUC Laptop Kits <BC0076 - Privilege Escalation
CVSS 7.8
CVE-2022-23403 MEDIUM
Intel Data Center Manager < 4.1 - Authenticated Denial of Service via Local Input Validation
CVSS 5.5
CVE-2022-21212 MEDIUM
Intel Wireless-ac 9560 Firmware < 22.120 - Improper Input Validation
CVSS 6.5
CVE-2022-21197 HIGH
Intel Wireless Firmware < 22.120 - Unauthenticated Denial of Service via Network Input
CVSS 7.5
CVE-2022-21181 HIGH
Intel Wireless AC Firmware < 22.120 - Privilege Escalation via Improper Input Validation
CVSS 7.8
CVE-2022-36023 HIGH
Hyperledger Fabric < 2.4.6 - Denial of Service via Malformed Gateway Request
CVSS 7.0
CVE-2022-2868 MEDIUM
libtiff - Denial of Service via Crafted File in tiffcrop
CVSS 5.5
CVE-2022-35239 HIGH
SolarView Compact SV-CPT-MC310 & SV-CPT-MC310F < 7.24 - Authenticated PHP Code Execution via Image Upload
CVSS 8.8
CVE-2022-24952 MEDIUM
Eternal Terminal < 6.2.0 - Denial of Service via Invalid Sequence Number and IPC Socket Input
CVSS 6.5
CVE-2022-2618 MEDIUM
Google Chrome <104.0.5112.79 - Auth Bypass
CVSS 6.5
CVE-2022-20338 LOW
Android 11-12L - Local Privilege Escalation via HierarchicalUri.readFrom Input Validation
CVSS 3.3
CVE-2022-20314 MEDIUM
Android 13 - Local Privilege Escalation via KeyChain Spoofed Activity Request
CVSS 6.7
CVE-2022-20266 MEDIUM
Android 13 - Local Privilege Escalation via Companion Service Importance Manipulation
CVSS 5.0
CVE-2022-35668 MEDIUM
Adobe Acrobat Reader <22.001.20169, 20.005.30362, 17.012.30249 - In...
CVSS 5.5
CVE-2022-35666 HIGH
Adobe Acrobat Reader <22.001.20169, 20.005.30362, 17.012.30249 - RCE
CVSS 7.8
CVE-2022-28755 CRITICAL
Zoom Client for Meetings < 5.11.0 - URL Redirection to Untrusted Site via Malicious Meeting URL
CVSS 9.6
CVE-2022-20241 LOW
Android 13 - Local Information Disclosure via SMS Private File Attachment
CVSS 3.3
CVE-2022-20356 HIGH
Android 11-12L - Local Privilege Escalation via ActiveServices Foreground Service Validation
CVSS 7.8
CVE-2022-20355 MEDIUM
Android - Denial of Service in PacProxyService
CVSS 5.5
CVE-2022-20353 MEDIUM
Android - Local Information Disclosure via DefaultRingtonePreference Input Validation
CVSS 5.5
CVE-2022-20350 MEDIUM
Android - Local Information Disclosure via Notification Access Confirmation
CVSS 5.5
CVE-2022-20842 CRITICAL
Cisco RV340, RV340W, RV345, RV345P Firmware < 1.0.03.28 - Unauthenticated Remote Code Execution or Denial of Service
CVSS 9.0
CVE-2022-20841 CRITICAL
Cisco RV160, RV260, RV340, and RV345 Series Routers - Remote Code Execution and Denial of Service
CVSS 9.0
CVE-2022-31780 HIGH
Apache Traffic Server 8.0.0-9.1.2 - HTTP Request Smuggling via HTTP/2 Frame Handling
CVSS 7.5
CVE-2022-31779 HIGH
Apache Traffic Server 8.0.0-9.1.2 - HTTP Request Smuggling via HTTP/2 Header Parsing
CVSS 7.5
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits