Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,452 vulnerabilities with CWE-20

CVE-2024-38230 MEDIUM

Windows Standards-Based Storage Management Service - DoS

CVE-2024-38216 HIGH

Azure Stack Hub - Privilege Escalation

CVE-2024-38194 HIGH

Azure Web Apps - Privilege Escalation

CVE-2024-38046 HIGH

Windows 10 - PowerShell Elevation of Privilege via Improper Input Validation

CVE-2024-37965 HIGH

Microsoft SQL Server 2016-2022 Elevation of Privilege

CVE-2024-42424 MEDIUM

Dell Precision Rack <2.22.2 - Info Disclosure

CVE-2024-27366 MEDIUM

Samsung Mobile Processor - Heap Over-Read

CVE-2024-8445 MEDIUM

Red Hat Directory Server 11 and 12 - Authenticated Denial of Service via Malformed userPassword Input

CVE-2024-44808 CRITICAL

Vypor Attack API System 1.0 - Remote Code Execution via User GET Parameter

CVE-2024-45446 MEDIUM

Huawei EMUI and HarmonyOS - Denial of Service via Camera Driver Module

CVE-2024-45444 MEDIUM

Huawei EMUI and HarmonyOS - Improper Input Validation in WMS Module

CVE-2024-45441 MEDIUM

Huawei EMUI and HarmonyOS - Denial of Service via System Service Input Verification

CVE-2024-44809 CRITICAL

Pi Camera 1.0 - Remote Code Execution via Tilt Position GET Parameter

CVE-2024-38811 HIGH

VMware Fusion 13.0.0-13.5 - Authenticated Remote Code Execution via Insecure Environment Variable

CVE-2024-23362 HIGH

Qualcomm 9205 LTE Modem Firmware - Cryptographic Issue via RSA Key Parsing

CVE-2024-38303 MEDIUM

Dell PowerEdge Platform <2.22.x - Info Disclosure

CVE-2024-45058 HIGH

i-Educar <2.9 - Privilege Escalation

CVE-2024-41565 MEDIUM

JustEnoughItems < 11.6.0.1021 - Item Duplication via Unvalidated Slot Index

CVE-2024-7988 CRITICAL

Rockwell Automation ThinManager ThinServer - RCE

CVE-2024-8073 CRITICAL

Hillstone Networks Web App FW <5.5R6-2.8.13 - Command Injection

CVE-2024-45258 CRITICAL

imroc/req < 3.43.4 - Unintended Request via Malformed URL

CVE-2024-45236 HIGH

nicmx fort-validator < 1.6.3 - Denial of Service via Empty Signed Attributes Field

CVE-2024-42531 CRITICAL

Ezviz Internet PT Camera CS-CV246 D15655150 - SSRF

CVE-2024-41849 MEDIUM

Adobe Experience Manager < 6.5.21 and < 2024.5 - Security Feature Bypass via Improper Input Validation

CVE-2024-45169 CRITICAL

UCI IDOL 2 <2.12 - DoS/Code Execution

Previous Page 66 of 499 Next

Details

Vulnerabilities 12,452

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy