Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-38021 HIGH

Microsoft Outlook - Remote Code Execution

CVE-2024-22271 HIGH

Spring Cloud Function <4.1.2, <4.0.8 - DoS

CVE-2024-35227 HIGH

Discourse < 3.2.3 - Denial of Service via Malicious Onebox URL

CVE-2024-32755 CRITICAL

American Dynamics Illustra Essentials Gen 4 < Illustra.Ess4.01.02.10.5982 - Improper Input Validation

CVE-2024-0158 MEDIUM

Dell Alienware and Chengming Firmware - Denial of Service and Privilege Escalation via UEFI Variable Modification

CVE-2024-39573 HIGH

Apache HTTP Server < 2.4.60 - Server-Side Request Forgery via mod_rewrite RewriteRule

CVE-2024-6376 HIGH

MongoDB Compass <1.42.2 - Code Injection

CVE-2024-38525 HIGH

dd-trace-cpp <0.2.2 - Memory Corruption

CVE-2024-30110 LOW

HCL DRYiCE AEX - Cross-Site Scripting via Input Validation Bypass

CVE-2024-5276 CRITICAL

Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)

CVE-2024-5990 HIGH

Rockwell Automation ThinManager/ThinServer 11.1.0-11.1.7 DoS via Malicious Monitor Thread Message

CVE-2024-5989 CRITICAL

Rockwell Automation ThinManager and ThinServer 11.1.0-11.1.7 - Unauthenticated SQL Injection and Remote Code Execution

CVE-2024-5988 CRITICAL

Rockwell Automation ThinManager/ThinServer 11.1.0-11.1.7 - Remote Code Execution

CVE-2024-21519 MEDIUM

OpenCart >= 4.0.0.0 - Authenticated Arbitrary File Creation via Database Restoration

CVE-2024-6239 HIGH

Poppler - Denial of Service via Pdfinfo -dests Parameter

CVE-2024-38359 MEDIUM

Lightning Network Daemon <0.17.0 - DoS

CVE-2024-37346 MEDIUM

Absolute Secure Access < 13.06 - Authenticated Denial of Service via Warehouse Invalid Data

CVE-2024-34693 MEDIUM

Apache Superset < 3.1.3 - Authenticated File Read via MariaDB Connection with local_infile

CVE-2024-38355 HIGH

Socket.IO < 2.5.1 and 3.0.0-4.6.2 - Denial of Service via Crafted Packet

CVE-2024-4787 MEDIUM

Cost Calculator Builder PRO <3.1.75 - XSS

CVE-2024-5533 MEDIUM

Divi <= 4.25.1 - Authenticated Stored Cross-Site Scripting

CVE-2024-37794 HIGH

CVC5 Solver 1.1.3 - Denial of Service via Crafted SMT2 Input File

CVE-2024-32907 HIGH

Android - Local Privilege Escalation via memcall_add Buffer Overflow

CVE-2024-32903 HIGH

Android - Local Privilege Escalation via Improper Input Validation in lwis_transaction.c

CVE-2024-32860 HIGH

Dell Alienware BIOS < 1.26.0 - Authenticated Code Execution via Improper Input Validation

Previous Page 71 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy