Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,468 vulnerabilities with CWE-20

CVE-2021-38122 MEDIUM

NetIQ Advanced Authentication < 6.3.5.1 - Cross-Site Scripting

CVE-2021-22508 HIGH

OpenText Operations Bridge Reporter - SQL Injection

CVE-2021-22280 HIGH

B&R Automation Studio 4.0-4.11 - Authenticated Uncontrolled Search Path Element

CVE-2021-33161 HIGH

Intel(R) Ethernet < - Privilege Escalation

CVE-2021-33146 MEDIUM

Intel(R) Ethernet < - Info Disclosure

CVE-2021-33142 MEDIUM

Intel Ethernet Controller I225 Firmware < 1.87 - Denial of Service via Improper Input Validation

CVE-2021-33141 HIGH

Intel I225 Firmware <1.87 & Driver <29.0.1 - DoS via Network Access

CVE-2021-26736 MEDIUM

Zscaler Client Connector < 3.6 - Local Privilege Escalation via Path Traversal

CVE-2021-29913 MEDIUM

IBM Security Verify Privilege On-Premise < 11.5 - Sensitive Information Disclosure

CVE-2021-36021 HIGH

Magento < 2.3.7-p1 - Authenticated Remote Code Execution via CMS Page Scheduled Update

CVE-2021-25748 HIGH

ingress-nginx < 1.2.1 - Authenticated Credential Exposure via Ingress Path Sanitization Bypass

CVE-2021-46773 HIGH

AMD Ryzen Firmware - Privileged Memory Corruption via ABL Input Validation

CVE-2021-46756 CRITICAL

AMD EPYC Firmware - Denial of Service and Integrity Loss via SVC_MAP_USER_STACK Input Validation

CVE-2021-46754 CRITICAL

AMD Ryzen 3000/5000 Series Firmware - Information Disclosure and Integrity Loss via ASP Bootloader Input Validation

CVE-2021-46775 MEDIUM

AMD EPYC Firmware - Arbitrary Memory Write via ABL Input Validation

CVE-2021-46769 HIGH

AMD EPYC Firmware - Authenticated Arbitrary DMA Execution via ASP Bootloader

CVE-2021-46762 LOW

AMD EPYC Firmware - Memory Corruption in SMU

CVE-2021-36402 MEDIUM

Moodle < 3.9.8 and 3.11.0-beta-3.11.1 - Improper Input Validation in Account Confirmation Email

CVE-2021-35370 CRITICAL

Imcat v5.4 - Remote Code Execution via Incomplete Filtering Function

CVE-2021-43448 MEDIUM

ONLYOFFICE Server < 7.0.0.49 - User Spoofing via Document Interaction

CVE-2021-46767 MEDIUM

AMD RomePi and MilanPi Firmware - Unauthenticated Denial of Service via ASP Input Validation

CVE-2021-26404 MEDIUM

AMD EPYC 7003 Firmware < milanpi-sp3_1.0.0.9 - Information Disclosure via SEV Scratch Buffer

CVE-2021-26316 HIGH

AMD EPYC 7002 Series Firmware - Arbitrary Code Execution in System Management Mode via BIOS Buffer Tampering

CVE-2021-28655 MEDIUM

Apache Zeppelin < 0.9.0 - Arbitrary File Deletion via Move Folder to Trash Feature

CVE-2021-44695 MEDIUM

SIMATIC S7-1200 CPU and S7-PLCSIM Advanced Firmware - Denial of Service via Crafted Packets to Port 102/tcp

Previous Page 141 of 499 Next

Details

Vulnerabilities 12,468

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy