Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20

CVE-2021-34994 HIGH

Commvault CommCell - Authenticated Remote Code Execution via DataProvider Class JavaScript Injection

CVE-2021-43762 MEDIUM

Adobe Experience Manager < 6.5.10.0 and Cloud Service - Dispatcher Bypass

CVE-2021-30285 CRITICAL

Qualcomm AR8031 and related firmware - Improper Input Validation in Hypervisor Memory Region Mapping

CVE-2021-41769 HIGH

Siemens 6md85 Firmware < 8.83 - Improper Input Validation

CVE-2021-21408 HIGH

Smarty < 3.1.43 - Remote Code Execution via Restricted Static PHP Method

CVE-2021-38957 HIGH

IBM Security Verify <10.0.2.0 - Info Disclosure

CVE-2021-35247 MEDIUM KEV

SolarWinds Serv-U - Info Disclosure

CVE-2021-43779 CRITICAL

GLPI addressing plugin < 2.9.1 - Authenticated Remote Code Execution via Command Injection

CVE-2021-45116 HIGH

Django 2.2-2.2.25, 3.2-3.2.10, 4.0-4.0.0 - Information Disclosure via dictsort Template Filter

CVE-2021-43850 MEDIUM

Discourse <2.8.0.beta10, <2.7.12 - DoS

CVE-2021-41789 MEDIUM

MediaTek MT7615 and MT7622 Firmware - Denial of Service via Missing WiFi Driver Validation

CVE-2021-37116 CRITICAL

HarmonyOS < 2.0 - Improper Input Validation in PCManager

CVE-2021-24893 HIGH

Stars Rating < 3.5.1 - Denial of Service via Unvalidated Rating Submission

CVE-2021-45916 LOW

Shenwang Endpoint Protection < 7.20.0401 - Authenticated DoS via Shockwall

CVE-2021-30278 HIGH

Qualcomm AR8031 and related firmware - Information Disclosure via TrustZone Memory Transfer Interface

CVE-2021-43861 HIGH

mermaid < 8.13.8 - Remote Code Execution via Malicious Diagram

CVE-2021-44832 MEDIUM

Apache Log4j 2.0-beta7-2.17.0 - Remote Code Execution via JDBC Appender JNDI LDAP Data Source

CVE-2021-43548 MEDIUM

Patient Information Center iX <C.03 - Info Disclosure

CVE-2021-45711 HIGH

simple_asn1 <0.6.1 - Info Disclosure

CVE-2021-45687 CRITICAL

raw-cpuid <9.1.1 - Memory Corruption

CVE-2021-41788 MEDIUM

MediaTek MT7603E/MT7612/MT7613/MT7615/MT7622/MT7628/MT7629/MT7915 Firmware 7.4.0.0 Wi-Fi Auth Flood via Input Validation

CVE-2021-44548 CRITICAL

Apache Solr < 8.11.1 - Path Traversal via DataImportHandler Windows UNC Path

CVE-2021-4059 MEDIUM

Google Chrome <96.0.4664.93 - Info Disclosure

CVE-2021-38015 HIGH

Google Chrome < 96.0.4664.45 - Navigation Restriction Bypass via Malicious Extension

CVE-2021-44422 HIGH

Open Design Alliance Drawings SDK < 2022.12 - Heap-Based Buffer Overflow via BMP File Parsing

Previous Page 150 of 499 Next

Details

Vulnerabilities 12,470

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy