CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-29872 HIGH
Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Improper Input Validation
CVSS 8.8
CVE-2022-25162 MEDIUM
MELSEC iQ-F FX5U/FX5UC/FX5UJ/FX5S < 1.270 - Unauthenticated Denial of Service via Crafted Packets
CVSS 5.3
CVE-2022-25161 HIGH
MELSEC iQ-F FX5U/FX5UC/FX5UJ/FX5S < 1.270 - Unauthenticated Denial of Service via Crafted Packets
CVSS 8.6
CVE-2022-1727 HIGH
drawio < 18.0.6 - Improper Input Validation
CVSS 8.8
CVE-2022-28190 MEDIUM
NVIDIA GPU Display Driver - Denial of Service via DxgkDdiEscape Handler
CVSS 5.5
CVE-2022-28188 MEDIUM
NVIDIA GPU Display Driver - Denial of Service via DxgkDdiEscape Handler
CVSS 5.5
CVE-2022-28186 MEDIUM
NVIDIA GPU Display Driver - Denial of Service or Data Tampering via DxgkDdiEscape Handler
CVSS 6.1
CVE-2022-26782 HIGH
InHand Networks InRouter302 V3.5.4 - RCE
CVSS 8.8
CVE-2022-26781 HIGH
InHand Networks InRouter302 V3.5.4 - RCE
CVSS 8.8
CVE-2022-26780 HIGH
InHand Networks InRouter302 V3.5.4 - RCE
CVSS 8.8
CVE-2022-24382 MEDIUM
Intel(R) NUC - Privilege Escalation
CVSS 6.7
CVE-2022-21136 MEDIUM
Intel Core i9 and Xeon Firmware - Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2022-29897 CRITICAL
PHOENIX CONTACT RAD-ISM-900-EN-* - Authenticated Remote Code Execution via Traceroute Utility
CVSS 9.1
CVE-2022-29613 MEDIUM
SAP Employee Self Service - Authenticated Employee Number Tampering via Insufficient Input Validation
CVSS 4.3
CVE-2022-1406 MEDIUM
GitLab 8.12-14.8.5, 14.9.0-14.9.3, 14.10.0 - CI/CD Variable Exposure via Malicious Project Import
CVSS 6.5
CVE-2022-1431 MEDIUM
GitLab 12.10-14.8.5, 14.9-14.9.3, 14.10 - Denial of Service via PyPi API Endpoint
CVSS 4.3
CVE-2022-30330 MEDIUM
KeepKey Firmware < 7.3.2 - Privilege Escalation and Security Bypass via Supervisor Interface
CVSS 6.6
CVE-2022-24098 HIGH
Adobe Photoshop <22.5.6, 23.2.2 - RCE
CVSS 7.8
CVE-2022-26889 HIGH
Splunk Enterprise <8.1.2 - Path Traversal
CVSS 8.8
CVE-2022-1053 CRITICAL
Keylime < 6.4.0 - Chain of Trust Bypass via Agent Registrar Data Mismatch
CVSS 9.1
CVE-2022-29479 MEDIUM
F5 Big-ip Access Policy Manager - Improper Input Validation
CVSS 5.3
CVE-2022-28708 MEDIUM
F5 BIG-IP <16.1.2.2 & 15.1.5.1 - DoS
CVSS 5.9
CVE-2022-28695 HIGH
F5 BIG-IP AFM <16.1.2.2, 15.1.5.1, 14.1.4.6, 13.1.5 - Privilege Esc...
CVSS 7.2
CVE-2022-27634 MEDIUM
BIG-IP APM 15.1.0-15.1.5.1 & 16.1.0-16.1.2.1 - Privilege Escalation & RCE via APM Policy
CVSS 6.5
CVE-2022-22433 HIGH
IBM Robotic Process Automation <21.0.2 - SSRF
CVSS 7.5
Details
Vulnerabilities 12,467
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits