Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,468 vulnerabilities with CWE-20

CVE-2021-44694 MEDIUM

SIMATIC S7-1200 CPU and S7-PLCSIM Advanced Firmware - Denial of Service via Crafted Packets to Port 102/tcp

CVE-2021-40365 HIGH

Siemens SIMATIC S7-1200 and ET 200 SP Open Controller - Denial of Service via Crafted Packets

CVE-2021-37533 MEDIUM

Apache Commons Net < 3.9.0 - Information Disclosure via FTP PASV Host Redirection

CVE-2021-26251 MEDIUM

Intel Distribution of OpenVINO Toolkit < 2021.4.2 - Authenticated Denial of Service via Network Access

CVE-2021-0185 HIGH

Intel(R) Server Board M10JNP <7.216 - Privilege Escalation

CVE-2021-44769 MEDIUM

Lanner Inc IAC-AST2500A Firmware 1.10.0 - Denial of Service via TLS Certificate Generation

CVE-2021-27774 LOW

HCL Digital Experience - Information Exposure via Error Response

CVE-2021-40017 CRITICAL

Huawei EMUI - Out-of-Bounds Memory Access in HW_KEYMASTER Module

CVE-2021-40648 MEDIUM

man2html 1.6g - Use-After-Free via Chunk Metadata Manipulation

CVE-2021-35122 CRITICAL

Qualcomm AQT1000 Firmware - Improper Input Validation

CVE-2021-35109 MEDIUM

Snapdragon Connectivity - Buffer Overflow

CVE-2021-3754 MEDIUM

Keycloak - Improper Input Validation in Username Registration

CVE-2021-4204 HIGH

Linux Kernel < 5.8.0 - Out-of-Bounds Memory Access in eBPF

CVE-2021-4125 HIGH

OpenShift 4.6.0-4.6.51 - Deserialization of Untrusted Data in Metering Hive Container

CVE-2021-4041 HIGH

ansible-runner < 2.1.0 - Command Injection via Improper Shell Command Escaping

CVE-2021-3442 MEDIUM

Red Hat OpenShift API Management - Authenticated Stored Cross-Site Scripting

CVE-2021-44545 MEDIUM

Intel Killer AC 1550 Firmware < 3.1122.1105 - Unauthenticated Denial of Service via Adjacent Access

CVE-2021-26639 HIGH

WISA Smart Wing CMS < r18715.20211229 - Unauthenticated Arbitrary File Read via Input Validation Bypass

CVE-2021-22289 HIGH

B&R Automation Studio >=4.0 - Unauthenticated Remote Code Execution via Project Upload Mechanism

CVE-2021-37150 HIGH

Apache Traffic Server 8.0.0-9.1.2 - Improper Input Validation in Header Parsing

CVE-2021-44221 HIGH

SIMATIC eaSie Core Package < 22.00 - Denial of Service via Message Passing Framework

CVE-2021-3675 MEDIUM

Synaptics Fingerprint Driver < 5.1.340.26 - Authenticated Heap Tag Overwrite via Improper Input Validation

CVE-2021-35116 HIGH

Qualcomm APQ8009 and related firmware - Remote Code Execution via Crafted Model Loading

CVE-2021-35111 HIGH

Snapdragon Connectivity - Info Disclosure

CVE-2021-35092 MEDIUM

Snapdragon Auto - Memory Corruption

Previous Page 142 of 499 Next

Details

Vulnerabilities 12,468

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy