Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,451 vulnerabilities with CWE-20

CVE-2024-21976 HIGH

AMD Ryzen AI NPU Driver - Crafted Pointer Code Execution

CVE-2024-21975 HIGH

AMD Ryzen AI NPU Driver - Crafted Pointer Code Execution

CVE-2024-21974 HIGH

AMD Ryzen AI NPU Driver - Crafted Pointer Code Execution

CVE-2024-21949 MEDIUM

AMD Ryzen AI Software < 1.2 - Denial of Service via NPU Driver Buffer Size Validation

CVE-2024-10944 HIGH

Rockwell FactoryTalk Updater < 4.20 - Malicious Agent Code Execution

CVE-2024-50386 HIGH

Apache CloudStack 4.0.0-4.18.2.4 and 4.19.0.0-4.19.1.2 - Unauthenticated Template Registration to Host Filesystem Access

CVE-2024-39281 MEDIUM

FreeBSD 14.1-RELEASE < p6, 13.4-RELEASE < p2, 13.3-RELEASE < p8 - Memory Allocation via ctl_persistent_reserve_out

CVE-2024-37365 HIGH

Rockwell Automation FactoryTalk View - Remote Code Execution via Project File Modification

CVE-2024-50560 LOW

Siemens SCALANCE and RUGGEDCOM Devices < V8.2 - Username Truncation via SSH or Telnet

CVE-2024-50557 HIGH

Siemens SCALANCE and RUGGEDCOM Devices < 8.2 - Unauthenticated Remote Code Execution via Iperf Configuration Input

CVE-2024-11079 MEDIUM

ansible-core >=2.18.0b1 <2.18.1rc1 - Arbitrary Code Execution via Hostvars Object

CVE-2024-23983 MEDIUM

Ping Identity PingAccess - Canonical URL Encoding Rule Bypass

CVE-2024-52286 LOW

Stirling-PDF < 0.32.0 - Unauthenticated Stored Cross-Site Scripting via Merge Filename

CVE-2024-50343 LOW

symfony/validator < 5.4.43, 6.0.0-6.4.11, 7.0.0-7.1.4 - Regular Expression Bypass via Newline Character

CVE-2024-20484 HIGH

Cisco Enterprise Chat and Email < 12.5(1)es9 - Unauthenticated Denial of Service via Crafted MR PIM Traffic

CVE-2024-50333 MEDIUM

SuiteCRM < 7.14.6 - Arbitrary File Write via ParserLabel::addLabels()

CVE-2024-49774 HIGH

SuiteCRM <7.14.6, <8.7.1 - Code Injection

CVE-2024-51530 MEDIUM

Huawei EMUI and HarmonyOS - Improper Input Validation in Account Module

CVE-2024-51529 MEDIUM

Huawei EMUI and HarmonyOS - Data Verification Vulnerability in Battery Module

CVE-2024-51520 MEDIUM

Huawei HarmonyOS HDC Module - Denial of Service

CVE-2024-51519 MEDIUM

HarmonyOS - Denial of Service via HDC Module Input Parameter

CVE-2024-51514 MEDIUM

HarmonyOS - Improper Input Validation in VPN Module Pop-up Windows

CVE-2024-51512 MEDIUM

HarmonyOS - Denial of Service via WantAgent Parameter Type Verification

CVE-2024-51511 MEDIUM

HarmonyOS - Denial of Service via WantAgent Parameter Type Verification

CVE-2024-33031 MEDIUM

Qualcomm WCN3660B Firmware - Memory Corruption via Update SIM PB Records Request

Previous Page 62 of 499 Next

Details

Vulnerabilities 12,451

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy