Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,468 vulnerabilities with CWE-20

CVE-2021-4219 MEDIUM

ImageMagick < 6.9.12-9 - Denial of Service via Improper File Handling

CVE-2021-27420 MEDIUM

GE Multilin UR Series Firmware < 8.10 - Denial of Service via Unsupported HTTP Verb Handling

CVE-2021-27418 MEDIUM

GE Multilin UR Firmware < 8.10 - Cross-Site Scripting via Improper Input Validation

CVE-2021-44040 HIGH

Apache Traffic Server 8.0.0-8.1.3 and 9.0.0-9.1.1 - Improper Input Validation in Request Line Parsing

CVE-2021-39701 HIGH

Android 11-12 - Local Privilege Escalation via ControlsProviderLifecycleManager ServiceConnection

CVE-2021-38910 MEDIUM

IBM DataPower Gateway V10CD-2108.4.1 - Auth Bypass

CVE-2021-42857 MEDIUM

Riverbed SteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Path Traversal via AgentDaServlet API

CVE-2021-42856 MEDIUM

Riverbed SteelCentral AppInternals Dynamic Sampling Agent - Reflected XSS via DsaDataTest Metric Parameter

CVE-2021-42854 CRITICAL

SteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Path Traversal via PluginServlet API

CVE-2021-42853 CRITICAL

SteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Path Traversal via AgentDiagnosticServlet Logs API

CVE-2021-42787 CRITICAL

SteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Path Traversal and Arbitrary File Write

CVE-2021-42786 CRITICAL

SteelCentral AppInternals Dynamic Sampling Agent 11.0.0-11.8.7 - Remote Code Execution via API Request Injection

CVE-2021-20302 MEDIUM

OpenEXR - Denial of Service via TiledInputFile Floating-Point Exception

CVE-2021-23192 HIGH

Samba 4.10.0-4.13.13 - DCE/RPC Request Fragment Signature Bypass

CVE-2021-32586 HIGH

FortiMail < 7.0.1 - Unauthenticated Environment Variable Injection via Web Server CGI

CVE-2021-26617 HIGH

firstmall - Remote Code Execution via navercheckout_add Function

CVE-2021-26618 HIGH

ToOffice < 3.15.6 - Arbitrary File Creation via ToWord Input Validation

CVE-2021-4120 HIGH

snapd < 2.54.3 - AppArmor Policy Rule Injection via Malformed Content Interface and Layout Declarations

CVE-2021-3781 CRITICAL

Ghostscript - Command Execution via SAFER Sandbox Escape

CVE-2021-39676 HIGH

Android 11 - Local Privilege Escalation via Parcel Deserialization Mismatch

CVE-2021-22800 HIGH

Modicon M218 Logic Controller <5.1.0.6 - DoS

CVE-2021-22787 HIGH

Schneider Electric Modicon M340 BMXP34 < V3.40 & X80 - DoS via Crafted HTTP Request

CVE-2021-44454 HIGH

Intel Quartus Prime Pro Edition < 21.3 - Authenticated Privilege Escalation via Third-Party Component

CVE-2021-33155 MEDIUM

Intel(R) Wireless Bluetooth(R) & Killer(TM) Bluetooth(R) <22.100 - DoS

CVE-2021-33115 HIGH

Intel(R) PROSet/Wireless WiFi - Privilege Escalation

Previous Page 145 of 499 Next

Details

Vulnerabilities 12,468

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy