Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20

CVE-2021-25500 HIGH

HDCP LDFW <SMR Nov-2021 Release 1 - Code Injection

CVE-2021-40127 MEDIUM

Cisco Small Business 200/300/500 Series Switches - Unauthenticated Denial of Service via HTTP Request

CVE-2021-40120 MEDIUM

Cisco Small Business RV Series Routers - Authenticated OS Command Injection via Web Management Interface

CVE-2021-34597 HIGH

Phoenix Contact PC Worx < 1.88 - Unauthenticated Arbitrary File Write via Project File

CVE-2021-41585 HIGH

Apache Traffic Server 5.0.0-9.1.0 - Denial of Service via Socket Connection Handling

CVE-2021-37149 HIGH

Apache Traffic Server 8.0.0-8.1.2 and 9.0.0-9.1.0 - HTTP Request Smuggling via Header Parsing

CVE-2021-37148 HIGH

Apache Traffic Server 8.0.0-8.1.2 and 9.0.0-9.0.1 - HTTP Request Smuggling via Header Parsing

CVE-2021-37147 HIGH

Apache Traffic Server 8.0.0-8.1.2 and 9.0.0-9.1.0 - HTTP Request Smuggling via Header Parsing

CVE-2021-20707 HIGH

Transaction Server <4.3 - Info Disclosure

CVE-2021-20706 HIGH

NEC CLUSTERPRO X and EXPRESSCLUSTER X < 4.3 - Remote File Upload via WebManager

CVE-2021-20705 HIGH

NEC CLUSTERPRO X and EXPRESSCLUSTER X < 4.3 - Remote File Upload via WebManager

CVE-2021-37996 MEDIUM

Google Chrome < 95.0.4638.54 - Navigation Restriction Bypass via Malicious File Download

CVE-2021-25742 HIGH

ingress-nginx < 0.49.1 - Unauthenticated Secret Exposure via Custom Snippets

CVE-2021-22491 HIGH

Huawei EMUI and Magic UI - Denial of Service via Input Validation Vulnerability

CVE-2021-22467 MEDIUM

HarmonyOS - Unauthenticated Arbitrary Memory Read via Improper Input Validation

CVE-2021-22457 LOW

HarmonyOS - Out-of-Bounds Write via Improper Input Validation

CVE-2021-22452 MEDIUM

HarmonyOS - Improper Input Validation Leading to Arbitrary Memory Read

CVE-2021-34791 MEDIUM

Cisco Adaptive Security Appliance and Firepower Threat Defense - Unauthenticated NAT ALG Security Bypass

CVE-2021-34790 MEDIUM

Cisco Adaptive Security Appliance and Firepower Threat Defense - Unauthenticated NAT ALG Security Bypass

CVE-2021-34783 HIGH

Cisco ASA/Firepower Threat Defense - Unauthenticated DoS via Crafted SSL/TLS Message

CVE-2021-34756 MEDIUM

Cisco Firepower Management Center Virtual Appliance - Authenticated OS Command Injection

CVE-2021-34755 MEDIUM

Cisco Firepower Management Center Virtual Appliance - Authenticated OS Command Injection

CVE-2021-41173 MEDIUM

Go Ethereum <1.10.9 - Use After Free

CVE-2021-26607 HIGH

NEXACRO17 < 17.1.3.301 - Remote Code Execution via execDefaultBrowser Method

CVE-2021-41105 HIGH

FreeSWITCH < 1.10.7 - Unauthenticated Denial of Service via SRTP Packet Flood

Previous Page 155 of 499 Next

Details

Vulnerabilities 12,470

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy