Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,451 vulnerabilities with CWE-20

CVE-2024-12401 MEDIUM

cert-manager < 1.12.14 - Denial of Service via PEM Data Processing

CVE-2024-49087 MEDIUM

Windows 10/11, Server 2019/2022/2025 - Information Disclosure via Mobile Broadband Driver

CVE-2024-49073 MEDIUM

Windows Mobile Broadband Driver - Elevation of Privilege via Improper Input Validation

CVE-2024-49057 HIGH

Microsoft Defender for Endpoint < 1.0.7128.0101 - Spoofing

CVE-2024-11737 CRITICAL

Schneider Electric Modicon M241/M251/M258/LMC058 - DoS & Confidentiality Loss via Modbus

CVE-2024-55655 LOW

sigstore-python 2.0.0-3.6.0 - Improper Input Validation of Integration Time in v2 and v3 Bundles

CVE-2024-55653 MEDIUM

pwndoc <= 0.5.3 - Authenticated Denial of Service via Audit ID Handling

CVE-2024-52831 LOW

Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Security Feature Bypass via Improper Input Validation

CVE-2024-43755 LOW

Adobe Experience Manager < 6.5.22.0 and < 2024.11.0 - Security Feature Bypass via Improper Input Validation

CVE-2024-52982 HIGH

Adobe Animate 23.0.0-23.0.8 and <=24.0.5 - Arbitrary Code Execution via Malicious File

CVE-2024-52051 HIGH

SIMATIC S7-PLCSIM V17-V19, STEP 7 V17-V19, WinCC Unified PC Runtime...

CVE-2024-45761 MEDIUM

Dell OpenManage Server Administrator < 11.1.0.0 - Remote Code Execution via Web Plugin Injection

CVE-2024-46901 LOW

Apache Subversion <1.14.4 - Info Disclosure

CVE-2024-12355 LOW

Phone Contact Manager System 1.0 - Improper Input Validation in ContactBook::adding

CVE-2024-12353 LOW

SourceCodester Phone Contact Manager System 1.0 - Improper Input Validation in User Menu

CVE-2024-54140 LOW

sigstore-java < 1.2.0 - Insufficient Bundle Signature Verification in KeylessVerifier

CVE-2024-12138 MEDIUM

horilla < 1.2.1 - Remote Code Execution via Untrusted Data Deserialization

CVE-2024-11985 MEDIUM

ASUS RT-AX55 RT-AX56U RT-AX57 RT-AX58U - Denial of Service via Improper Input Validation

CVE-2024-52815 MEDIUM

Synapse < 1.120.1 - Denial of Service via Malformed Federation Invite

CVE-2024-43052 HIGH

Qualcomm Mobile and FastConnect Platform Firmware - Memory Corruption in NPU

CVE-2024-52337 MEDIUM

Fast Datapath for Red Hat Enterprise Linux - Log Spoofing via Improper Input Sanitization

CVE-2024-22117 LOW

Zabbix 5.0.0-5.0.43 - Denial of Service via sysmapelementurlid Manipulation

CVE-2024-11662 MEDIUM

welliamcao OpsManage <3.0.5 - Deserialization

CVE-2024-11234 MEDIUM

PHP 8.1.0-8.1.30 - HTTP Request Smuggling via Proxy Stream URI Sanitization Bypass

CVE-2024-9257 MEDIUM

Logsign Unified SecOps Platform < 6.4.26 - Authenticated Arbitrary File Deletion via delete_gsuite_key_file Endpoint

Previous Page 60 of 499 Next

Details

Vulnerabilities 12,451

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy