Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,451 vulnerabilities with CWE-20

CVE-2025-21344 HIGH

Microsoft SharePoint Server - Remote Code Execution

CVE-2025-21284 MEDIUM

Windows 10/11, Server 2016-2019 - DoS in Virtual TPM

CVE-2025-21280 MEDIUM

Windows 10/11, Server 2016-2019 - DoS in Virtual TPM

CVE-2025-21235 HIGH

Windows PrintWorkflowUserSvc - Elevation of Privilege

CVE-2025-21234 HIGH

Windows 10/11, Server 2022/2025 - Elevation of Privilege in PrintWorkflowUserSvc

CVE-2025-21230 HIGH

Windows 10 1507-24H2 and Windows Server 2008-2012 - Denial of Service in MSMQ

CVE-2025-0465 HIGH

AquilaCMS 1.412.13 - Deserialization

CVE-2025-22137 CRITICAL

Pingvin Share <1.4.0 - Code Injection

CVE-2024-21944 MEDIUM

Amd Epyc™ 7003 Series Processors - Improper Input Validation

CVE-2024-54011 MEDIUM

Missing Error/Exception Handling

CVE-2024-55020 CRITICAL

Weintek cMT-3072XH2 v2.1.53 - Command Injection

CVE-2024-4027 HIGH

undertow-core < 2.3.21.Final - Unauthenticated Denial of Service via Large Parameter Names

CVE-2024-3884 HIGH

Undertow < 2.3.21.Final - Denial of Service via Form Data Parsing

CVE-2024-47866 HIGH

Ceph <= 19.2.3 - Denial of Service via Empty Content in x-amz-copy-source Argument

CVE-2024-45301 MEDIUM

mintty 2.3.6-3.7.4 - Unauthenticated NTLM Hash Exposure via Escape Sequence

CVE-2024-45431 MEDIUM

OpenSynergy BlueSDK <=6.x - Improper Input Validation

CVE-2024-56190 HIGH

Android - Local Privilege Escalation via Improper Input Validation in wl_update_hidden_ap_ie()

CVE-2024-43115 HIGH

Apache DolphinScheduler <3.2.2 - RCE

CVE-2024-37777 HIGH

Zoneland O2oa - Code Injection

CVE-2024-52279 MEDIUM

Apache Zeppelin <0.12.0 - Improper Input Validation

CVE-2024-42516 HIGH

Apache HTTP Server <2.4.64 - Info Disclosure

CVE-2024-55567 HIGH

Insyde InsydeH2O 5.4-5.4.05.47.01, 5.5-5.55.01, 5.6-5.62.01, 5.7-5.71.01 - Arbitrary Code Execution via SMM Call Out

CVE-2024-1244 CRITICAL

OSSEC HIDS <3.8.0 - Info Disclosure

CVE-2024-1243 HIGH

Wazuh < 4.8.0 - NetNTLMv2 Hash Leak via Malicious UNC Path Configuration

CVE-2024-51392 HIGH

OpenKnowledgeMaps Headstart v7 - Privilege Escalation

Previous Page 56 of 499 Next

Details

Vulnerabilities 12,451

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy