Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-23668 HIGH

FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Unauthenticated Remote Code Execution via HTTP Requests or CLI

CVE-2024-36390 HIGH

MileSight DeviceHub - Denial of Service via Improper Input Validation

CVE-2024-5138 HIGH

snapd 2.51.6-2.63.1 - Privilege Escalation via snapctl Command-Line Argument Parsing

CVE-2024-34009 HIGH

Moodle 4.3.0-4.3.3 - Unauthenticated ReCAPTCHA Bypass on Login Page

CVE-2024-33999 CRITICAL

Moodle 4.3.0-4.3.4 - Improper Input Validation in MFA Referrer URL

CVE-2024-33996 MEDIUM

Calendar Web Service - Info Disclosure

CVE-2024-22338 MEDIUM

IBM Security Verify Access OIDC Provider <23.03 - Info Disclosure

CVE-2024-3584 HIGH

qdrant/qdrant <1.9.0-dev - Path Traversal

CVE-2024-3657 HIGH

Red Hat Directory Server - Denial of Service via Specially-Crafted LDAP Query

CVE-2024-2199 MEDIUM

Red Hat Directory Server - Authenticated Denial of Service via Malformed userPassword Input

CVE-2024-35384 MEDIUM

Cesanta mjs 2.20.0 - Denial of Service via mjs_array_length Function

CVE-2024-4287 HIGH

mintplex-labs/anything-llm - Privilege Escalation

CVE-2024-36053 CRITICAL

mintupload <4.2.0 - Command Injection

CVE-2024-22429 HIGH

Dell BIOS - Authenticated Arbitrary Code Execution via Improper Input Validation

CVE-2024-22120 CRITICAL

Zabbix 6.0.0-6.0.27 - Time-Based Blind SQL Injection via Audit Log Client IP Field

CVE-2024-24981 HIGH

Intel(R) Server M50FCP - Privilege Escalation

CVE-2024-23487 HIGH

Intel(R) Server D50DNP - Privilege Escalation

CVE-2024-22476 CRITICAL

Intel Neural Compressor <2.5.0 - SQL Injection

CVE-2024-22390 MEDIUM

Intel FPGA products < 2.9.1 - Denial of Service via Improper Input Validation

CVE-2024-22382 HIGH

Intel(R) Server D50DNP - Privilege Escalation

CVE-2024-22095 HIGH

Intel(R) Server D50DNP - Privilege Escalation

CVE-2024-22015 MEDIUM

Intel(R) DLB driver software < 8.5.0 - Authenticated Denial of Service via Improper Input Validation

CVE-2024-4609 CRITICAL

Rockwell Automation FactoryTalk View < 11.0 - SQL Injection via Datalog Function

CVE-2024-4321 HIGH

gaizhenbiao/chuanhuchatgpt 20240310 - Local File Inclusion via Chat History Upload Name Parameter

CVE-2024-25743 HIGH

Linux kernel through 6.9 - Untrusted Hypervisor Virtual Interrupt Injection

Previous Page 73 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy