Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20

CVE-2021-25471 LOW

Security Mode Command <SMR Oct-2021 Release 1 - DoS

CVE-2021-25468 MEDIUM

Widevine trustlet <SMR Oct-2021 Release 1 - Memory Corruption

CVE-2021-41114 MEDIUM

TYPO3 11.0.0-11.5.0 - Host Header Spoofing via trustedHostsPattern Regression

CVE-2021-21705 MEDIUM

PHP 7.3.0-7.3.28 - Improper Input Validation in filter_var URL Validation

CVE-2021-28547 HIGH

Adobe Creative Cloud Desktop Application < 5.3 - Privilege Escalation via OOBE Directory Deletion

CVE-2021-36283 HIGH

Dell BIOS - Authenticated Arbitrary Code Execution in SMRAM via SMI

CVE-2021-40712 MEDIUM

Adobe Experience Manager <6.5.9.0 - DoS

CVE-2021-34416 CRITICAL

Zoom Meeting Connector < 4.6.360.20210325 - Remote Command Injection via Network Address Settings

CVE-2021-34414 HIGH

Zoom Meeting Connector < 4.6.348.20201217 - Authenticated Remote Command Injection via Network Proxy Configuration

CVE-2021-34570 HIGH

Phoenix Contact PLCnext Control Devices < 2021.0.5 - Denial of Service via Crafted JSON Request

CVE-2021-41583 MEDIUM

vpn-user-portal 2.3.2-2.3.13 - Authenticated Arbitrary File Read via QR Code Exec Interaction

CVE-2021-34714 HIGH

Cisco FXOS 2.2-2.2.2.148, Firepower, IOS, IOS XE, IOS XR, NX-OS < 8.4(3.115) - DoS via UDLD Packet

CVE-2021-3583 HIGH

Ansible Automation Platform - Code Injection via Template Injection

CVE-2021-39230 HIGH

Butter < 1.5 - Improper Input Validation

CVE-2021-41531 HIGH

NLnet Labs Routinator <0.10.0 - Buffer Overflow

CVE-2021-25741 HIGH

Kubernetes < 1.19.14 - Unauthenticated Files or Directories Accessible via Subpath Volume Mounts

CVE-2021-41380 MEDIUM

RealVNC Viewer 6.21.406 - Denial of Service via Crafted RFB Protocol Data

CVE-2021-38304 HIGH

NI-PAL <20.0.0 - Privilege Escalation

CVE-2021-30261 HIGH

Qualcomm APQ8009 and related firmware - Integer and Heap Overflow via Beacon Template Update Command

CVE-2021-30260 HIGH

Qualcomm APQ8009 and other Snapdragon Firmware - Integer Overflow to Buffer Overflow via Extscan Hostlist Configuration

CVE-2021-41079 HIGH

Apache Tomcat 8.5.0-8.5.63 9.0.0-M1-9.0.43 10.0.0-M1-10.0.2 - Denial of Service via TLS Packet Validation Bypass

CVE-2021-37909 CRITICAL

TSSServiSignAdapter < 1.0.20.0316 - Unauthenticated Arbitrary Registry Write via WriteRegistry Function

CVE-2021-23030 HIGH

F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation

CVE-2021-23028 HIGH

F5 <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4 - DoS

CVE-2021-23036 HIGH

F5 BIG-IP Advanced Web Application Firewall 16.0.0-16.0.1 - Denial of Service via ASM and DataSafe Profile Configuration

Previous Page 157 of 499 Next

Details

Vulnerabilities 12,470

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy