CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2022-20779 CRITICAL
Cisco Enterprise NFV Infrastructure Software < 4.7.1 - Improper Access Control
CVSS 9.9
CVE-2022-28791 MEDIUM
Galaxy Store <4.5.41.8 - Info Disclosure
CVSS 6.2
CVE-2022-28783 MEDIUM
Galaxy Themes <SMR May-2022 Release 1 - Privilege Escalation
CVSS 6.2
CVE-2022-28781 HIGH
Settings <SMR-May-2022 Release 1 - Privilege Escalation
CVSS 7.7
CVE-2022-20745 HIGH
Cisco ASA & FTD Unauthenticated DoS via HTTPS Request Parsing
CVSS 8.6
CVE-2022-20715 HIGH
Cisco Adaptive Security Appliance and Firepower Threat Defense - Denial of Service via Remote Access SSL VPN
CVSS 8.6
CVE-2022-21144 HIGH
libxmljs < 0.19.8 - Denial of Service via parseXml Function
CVSS 7.5
CVE-2022-28196 MEDIUM
NVIDIA Jetson Linux < 32.7.2 - Authenticated Memory Buffer Overflow in Cboot blob_decompress
CVSS 4.6
CVE-2022-28195 MEDIUM
NVIDIA Jetson Linux < 32.7.2 - Integer Overflow in Cboot ext4_read_file Function
CVSS 5.7
CVE-2022-28193 MEDIUM
NVIDIA Jetson Linux < 32.7.2 - Authenticated Memory Buffer Overflow in Cboot tegrabl_cbo.c
CVSS 5.6
CVE-2022-24881 HIGH
ballcat/codegen < 1.0.0.beta.2 - Remote Code Execution via Template Engine Injection
CVSS 8.8
CVE-2022-29499 CRITICAL KEV
Mitel MiVoice Connect < 22.20.2300.0 - Remote Code Execution via Service Appliance Data Validation
CVSS 9.8
CVE-2022-1108 MEDIUM
ThinkPad X1 Fold Gen 1 Firmware < N2PET50W - Authenticated Arbitrary Code Execution via SMI Handler Buffer Overflow
CVSS 6.7
CVE-2022-1107 MEDIUM
Lenovo ThinkPad Firmware - Privilege Escalation via SMM Boot Services Handler
CVSS 6.7
CVE-2022-24423 MEDIUM
Dell iDRAC8 < 2.83.83.83 - Unauthenticated Denial of Service via Resource Exhaustion
CVSS 5.3
CVE-2022-20783 HIGH
Cisco TelePresence <9.15.10.8 & RoomOS <2022 - DoS via H.323
CVSS 7.5
CVE-2022-24861 CRITICAL
Databasir 1.01 - Remote Code Execution via Unvalidated JDBC Driver
CVSS 9.9
CVE-2022-0567 CRITICAL
ovn-kubernetes - Privilege Escalation
CVSS 9.1
CVE-2022-27421 HIGH
Chamilo LMS < 1.11.14 - Privilege Escalation via User Modification Form
CVSS 7.2
CVE-2022-20761 HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted Wireless Traffic
CVSS 7.4
CVE-2022-20684 HIGH
Cisco IOS XE Wireless Controller - DoS
CVSS 7.4
CVE-2022-20679 MEDIUM
Cisco IOS XE - Denial of Service via IPSec Decryption Buffer Exhaustion
CVSS 6.8
CVE-2022-20676 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 5.1
CVE-2022-24846 CRITICAL
GeoWebCache < 1.19.3 - Remote Code Execution via JNDI Lookup in Disk Quota Mechanism
CVSS 9.1
CVE-2022-28711 CRITICAL
ArduPilot APWeb <50b6b7ac-46177cb9 - Memory Corruption
CVSS 9.8