CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-32253 MEDIUM
SINEMA Remote Connect Server < 3.1 - Unauthenticated Sensitive Information Exposure via OpenSSL Certificate Password
CVSS 4.9
CVE-2022-25167 CRITICAL
Apache Flume 1.4.0-1.9.0 - Remote Code Execution via JMS Source JNDI LDAP URI
CVSS 9.8
CVE-2022-29257 MEDIUM
Electron <18.0.0-beta.6, 17.2.0, 16.2.6, 15.5.5 - Code Injection
CVSS 6.6
CVE-2022-31762 HIGH
Huawei EMUI - Privilege Escalation via AMS Module Input Validation
CVSS 7.8
CVE-2022-31041 HIGH
Open Forms <1.0.9, 1.1.1 - File Upload Bypass
CVSS 7.6
CVE-2022-28383 MEDIUM
Verbatim drives <2022-03-31 - Code Injection
CVSS 6.8
CVE-2022-30744 MEDIUM
Samsung Kies < 2.6.4.22043_1 - DLL Hijacking via KiesWrapper
CVSS 6.2
CVE-2022-30726 MEDIUM
SecSettingsIntelligence <SMR Jun-2022 Release 1 - Privilege Escalation
CVSS 6.2
CVE-2022-30721 LOW
libsmkvextractor <SMR Jun-2022 Release 1 - Memory Corruption
CVSS 2.5
CVE-2022-30720 LOW
libsmkvextractor <SMR Jun-2022 Release 1 - Memory Corruption
CVSS 2.5
CVE-2022-30719 LOW
libsmkvextractor <SMR Jun-2022 Release 1 - Memory Corruption
CVSS 2.5
CVE-2022-30713 HIGH
LSOItemData <SMR Jun-2022 Release 1 - Info Disclosure
CVSS 8.5
CVE-2022-30712 HIGH
KfaOptions <SMR Jun-2022 Release 1 - Info Disclosure
CVSS 8.5
CVE-2022-30711 HIGH
FeedsInfo <SMR Jun-2022 Release 1 - Info Disclosure
CVSS 8.5
CVE-2022-30710 HIGH
RemoteViews <SMR Jun-2022 Release 1 - Info Disclosure
CVSS 8.5
CVE-2022-30709 LOW
SECRIL <SMR Jun-2022 Release 1 - Memory Corruption
CVSS 2.5
CVE-2022-28224 MEDIUM
Calico < 3.20.5, Calico Enterprise < 3.11.4, Calico 3.22.0-3.22.1 - Route Hijacking via Floating IP Annotation
CVSS 5.5
CVE-2022-30233 MEDIUM
Schneider Electric Wiser Smart EER21000 and EER21001 Firmware < 4.5 - Improper Input Validation
CVSS 6.5
CVE-2022-30232 HIGH
PowerLogic ION Setup Firmware < 3.2.22096.01 - Remote Code Execution via Request Interception
CVSS 8.0
CVE-2022-25163 CRITICAL
Mitsubishi Melsec Iq-r Rd81mes96n Firmware - Improper Input Validation
CVSS 9.8
CVE-2022-29169 HIGH
BigBlueButton <2.3.19, <2.4.7, <2.5.0-beta.2 - DoS
CVSS 7.5
CVE-2022-31013 CRITICAL
Vartalap Chat Server <2.6.0 - Auth Bypass
CVSS 9.1
CVE-2022-29243 MEDIUM
Nextcloud Server <22.2.7-23.0.4 - Info Disclosure
CVSS 4.3
CVE-2022-20797 MEDIUM
Cisco Secure Network Analytics - Command Injection
CVSS 5.5
CVE-2022-30789 HIGH
NTFS-3G <2021.8.22 - Buffer Overflow
CVSS 7.8
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits