Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-32859 HIGH

Dell Client Platform BIOS - Code Execution via Improper Input Validation

CVE-2024-32858 HIGH

Dell Client Platform BIOS - Authenticated Code Execution via Improper Input Validation

CVE-2024-32856 MEDIUM

Dell Client Platform BIOS - Information Disclosure via Improper Input Validation

CVE-2024-34109 HIGH

Adobe Commerce 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier - Authenticated Remote Code Execution

CVE-2024-34108 CRITICAL

Adobe Commerce 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier - Authenticated Remote Code Execution

CVE-2024-36226 LOW

Adobe Experience Manager <6.5.20 - Info Disclosure

CVE-2024-26127 LOW

Adobe Experience Manager < 6.5.21 and < 2024.5 - Security Feature Bypass via Improper Input Validation

CVE-2024-26126 LOW

Adobe Experience Manager < 6.5.21 and < 2024.5 - Security Feature Bypass via Improper Input Validation

CVE-2024-30087 HIGH

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2008-2022 - Elevation of Privilege in Win32k

CVE-2024-30078 HIGH

Windows Wi-Fi Driver - Remote Code Execution

CVE-2024-35212 MEDIUM

SINEC Traffic Analyzer < 1.2 - Unauthenticated Database Access via Improper Input Validation

CVE-2024-36471 HIGH

Apache Allura 1.0.1-1.16.0 - Server-Side Request Forgery via Import Functionality

CVE-2024-27805 MEDIUM

macOS Ventura <13.6.7 - Info Disclosure

CVE-2024-31959 HIGH

Samsung Mobile Processor - Code Execution

CVE-2024-36740 HIGH

OneFlow v0.9.1 - Denial of Service via Negative Index Range Exceeding Size

CVE-2024-36734 HIGH

OneFlow v0.9.1 - Denial of Service via Negative Dim Parameter

CVE-2024-36745 HIGH

OneFlow v0.9.1 - Denial of Service via Negative Index in oneflow.index_select

CVE-2024-36737 HIGH

OneFlow v0.9.1 - Denial of Service via Negative oneflow.full Parameter

CVE-2024-36742 HIGH

OneFlow-Inc Oneflow 0.9.1 - Denial of Service via scatter_nd Index Parameter

CVE-2024-5171 CRITICAL

libaom 1.0.0-3.8.9 - Integer Overflow via img_alloc_helper

CVE-2024-27378 MEDIUM

Samsung Mobile Processor - Memory Corruption

CVE-2024-20405 MEDIUM

Cisco Finesse - Stored Cross-Site Scripting via RFI in Web Management Interface

CVE-2024-5439 MEDIUM

Blocksy <= 2.0.50 - Unauthenticated Reflected Cross-Site Scripting via Custom URL Parameter

CVE-2024-23669 MEDIUM

FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Unauthenticated Remote Code Execution via HTTP Requests or CLI

CVE-2024-28103 MEDIUM

Rails 6.1.0-6.1.7.7 - Improper Input Validation in Permissions-Policy Header

Previous Page 72 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy