Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,451 vulnerabilities with CWE-20

CVE-2024-23386 MEDIUM

Qualcomm Wsa8835 Firmware - Improper Input Validation

CVE-2024-33700 HIGH

LevelOne WBR-6012 Firmware R0.40e6 - Denial of Service via Malformed FTP Commands

CVE-2024-22065 MEDIUM

ZTE MF258 Pro Firmware - Authenticated OS Command Injection via Ping Diagnosis Interface

CVE-2024-45802 HIGH

squid 3.0-6.9 - Denial of Service via Trusted Server Response

CVE-2024-0127 HIGH

NVIDIA vGPU and Cloud Gaming < 17.4, 16.8, and October 2024 - Improper Input Validation in GPU Kernel Driver

CVE-2024-0126 HIGH

NVIDIA GPU Display Driver - Privilege Escalation

CVE-2024-49753 MEDIUM

Zitadel < 2.58.7, 2.64.0 - Server-Side Request Forgery via DNS Record Bypass

CVE-2024-20495 HIGH

Cisco Adaptive Security Appliance Software - Unauthenticated Denial of Service via Remote Access VPN Key Validation

CVE-2024-20274 MEDIUM

Cisco Secure Firewall Management Center - XSS

CVE-2024-48919 CRITICAL

Cursor <Sep 27, 2024 - Code Injection

CVE-2024-49368 CRITICAL

nginxui/nginx_ui < 2.0.0-beta.36 - OS Command Injection via Logrotate Configuration

CVE-2024-49361 HIGH

ACON <= 1.1.0 Input Validation - Remote Code Execution

CVE-2024-48918 HIGH

RDSlight < 1.1.0 - Command Injection and Memory Tampering via User Input Handling

CVE-2024-9348 HIGH

Docker Desktop < 4.34.3 - Remote Code Execution via GitHub Source Link in Build View

CVE-2024-45219 HIGH

Apache CloudStack <4.18.2.3-4.19.1.1 - Info Disclosure

CVE-2024-48914 CRITICAL

Vendure asset-server-plugin < 2.3.3 and 3.0.0-3.0.5 - Path Traversal and Denial of Service via Malformed URI

CVE-2024-6207 HIGH

Rockwell Automation PN1550 - Privilege Escalation

CVE-2024-8755 HIGH

LoadMaster <7.2.60.1 - OS Command Injection

CVE-2024-9507 MEDIUM

The Contact Form by Bit Form <2.15.2 - Info Disclosure

CVE-2024-45117 HIGH

Adobe Commerce <2.4.7-p2 - Info Disclosure

CVE-2024-47823 CRITICAL

Livewire <2.12.7-3.5.2 - Code Injection

CVE-2024-43611 HIGH

Windows Server RRAS Remote Code Execution (2008, 2012, 2016, 2019, 2022)

CVE-2024-43593 HIGH

Windows Server RRAS Remote Code Execution (2008, 2012, 2016, 2019, 2022)

CVE-2024-43592 HIGH

Windows Server RRAS Remote Code Execution (2008, 2012, 2016, 2019, 2022)

CVE-2024-43561 MEDIUM

Windows Mobile Broadband Driver - Denial of Service via Out-of-bounds Read

Previous Page 63 of 499 Next

Details

Vulnerabilities 12,451

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy