Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20

CVE-2021-26323 HIGH

AMD EPYC Firmware - Memory Integrity Impact via SEV Command Validation Failure

CVE-2021-26321 MEDIUM

AMD EPYC 7001 Series Firmware - Authenticated Denial of Service via SEV ID Command Validation

CVE-2021-42114 CRITICAL

Samsung DDR4 SDRAM Firmware - Rowhammer Bit Flip via Non-Uniform Access Patterns

CVE-2021-36325 HIGH

Dell Alienware BIOS < 1.15.1 Authenticated Arbitrary Code Execution in SMRAM via SMI

CVE-2021-36324 HIGH

Dell Alienware BIOS < 1.15.1 - Authenticated Arbitrary Code Execution in SMRAM via SMI

CVE-2021-36323 HIGH

Dell Alienware BIOS < 1.15.1 - Authenticated Arbitrary Code Execution in SMRAM via SMI

CVE-2021-3843 MEDIUM

Lenovo ThinkPad Firmware - Authenticated Arbitrary Code Execution via SMI EEPROM Access

CVE-2021-3786 MEDIUM

Lenovo Notebook/ThinkPad - Info Disclosure

CVE-2021-3719 MEDIUM

ThinkCentre/ThinkStation - Privilege Escalation

CVE-2021-3599 MEDIUM

Lenovo ThinkPad Firmware - Authenticated Arbitrary Code Execution via SMI Callback Function

CVE-2021-38985 MEDIUM

IBM Tivoli Key Lifecycle Manager <4.2 - Info Disclosure

CVE-2021-38973 LOW

IBM Tivoli Key Lifecycle Manager <4.2 - Info Disclosure

CVE-2021-38972 MEDIUM

IBM Tivoli Key Lifecycle Manager <4.2 - Info Disclosure

CVE-2021-30254 HIGH

Qualcomm APQ8009 and related firmware - Buffer Overflow via Factory Calibration DIAG Command

CVE-2021-34417 HIGH

Zoom On-Premise Meeting Connector < 4.6.365.20210703 - Remote Command Injection

CVE-2021-3911 MEDIUM

cloudflare/octorpki < 1.3.0 - Denial of Service via ROA IP Address Bit Overflow

CVE-2021-3910 MEDIUM

cloudflare/octorpki < 1.3.0 - Denial of Service via Invalid ROA Handling

CVE-2021-3907 HIGH

OctoRPKI < 1.3.0 - Path Traversal and Remote Code Execution via Unsanitized URI Filename

CVE-2021-3572 MEDIUM

pip < 21.1 - Remote Revision Manipulation via Unicode Separator Handling

CVE-2021-41772 HIGH

GO < 1.16.10 - Improper Input Validation

CVE-2021-41250 MEDIUM

pythondiscord/bot < 67390298852513d13e0213870e50fb3cff1424e0 - Moderation Filter Bypass via URL Inclusion

CVE-2021-43406 HIGH

FusionPBX <4.5.30 - Info Disclosure

CVE-2021-25509 MEDIUM

Samsung Flow <4.8.5.0 - Path Traversal

CVE-2021-25504 MEDIUM

Group Sharing <10.8.03.2 - Info Disclosure

CVE-2021-25503 MEDIUM

Android - Remote Code Execution via HDCP Input Validation

Previous Page 154 of 499 Next

Details

Vulnerabilities 12,470

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy