Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2022-24847 HIGH

GeoServer < 2.19.6 and 2.20.0-2.20.4 - Authenticated Expression Language Injection via JNDI Lookup

CVE-2022-24828 HIGH

Composer < 1.10.26 - Command Injection via VcsDriver getFileContent

CVE-2022-24818 HIGH

GeoTools < 24.6 - Authenticated Expression Language Injection via JNDI Lookup

CVE-2022-27655 MEDIUM

SAP 3D Visual Enterprise Viewer 9.0 - Denial of Service via Malformed Universal 3D File

CVE-2022-27654 MEDIUM

SAP 3D Visual Enterprise Viewer 9.0 - Denial of Service via Malformed Photoshop Document

CVE-2022-26109 MEDIUM

SAP 3D Visual Enterprise Viewer <9.0 - DoS

CVE-2022-26108 MEDIUM

SAP 3D Visual Enterprise Viewer <9.0 - DoS

CVE-2022-26107 MEDIUM

SAP 3D Visual Enterprise Viewer <9.0 - DoS

CVE-2022-26106 MEDIUM

SAP 3D Visual Enterprise Viewer <9.0 - DoS

CVE-2022-28329 MEDIUM

SCALANCE W1788 Series < 3.0.0 - Denial of Service via RemoteCapture TCP Packet Handling

CVE-2022-28328 HIGH

SCALANCE W1788 M12 Firmware < 3.0.0 - Denial of Service via Malformed Multicast LLC Frames

CVE-2022-25751 HIGH

Siemens SCALANCE X Series - Denial of Service via HTTP Header Validation

CVE-2022-1302 HIGH

LibIEC61850 < 1.5.1 - Unauthenticated Denial of Service via Crafted Goose Message

CVE-2022-27843 MEDIUM

Samsung Kies < 2.6.4.22014_2 - DLL Hijacking

CVE-2022-27842 MEDIUM

Samsung Smart Switch PC < 4.2.22022_4 - DLL Hijacking

CVE-2022-27835 HIGH

Android UWB Firmware - Arbitrary Memory Write via Improper Boundary Check

CVE-2022-27833 MEDIUM

Android DSP Driver - Integer Overflow to Out-of-Bounds Write

CVE-2022-27830 HIGH

Android - Improper Input Validation in SemBlurInfo

CVE-2022-27829 HIGH

Android - Improper Input Validation in VerifyCredentialResponse

CVE-2022-27828 HIGH

Android - Improper Input Validation in MediaMonitorEvent

CVE-2022-27827 HIGH

Android - Improper Input Validation in MediaMonitorDimension

CVE-2022-27826 HIGH

Android - Improper Input Validation in SemSuspendDialogInfo

CVE-2022-27574 MEDIUM

Android libsimba - Out-of-Bounds Write via parser_iloc and sheifd_find_itemIndexin Functions

CVE-2022-27573 MEDIUM

Android libsimba - Out-of-Bounds Write via parser_infe and sheifd_find_itemIndexin Functions

CVE-2022-25595 MEDIUM

ASUS RT-AC86U Firmware - Unauthenticated Denial of Service via LAN Request Handling

Previous Page 137 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy