Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-4175 MEDIUM

Hyperion Web Server 2.0.15 - Unicode Transformation Vulnerability

CVE-2024-25583 HIGH

PowerDNS Recursor 4.8.7-4.8.6, 4.9.4-4.9.3, 5.0.3-5.0.2 - Denial of Service via Upstream Forward-Recurse Response

CVE-2024-28977 LOW

Dell Repository Manager 3.4.2-3.4.4 - Path Traversal in Logger Module

CVE-2024-28976 HIGH

Dell Repository Manager < 3.4.5 - Path Traversal in API Module

CVE-2024-3177 LOW

Kubernetes < 1.27.13, 1.28.0-1.28.8, 1.29.0-1.29.3 - Policy Bypass via envFrom Field

CVE-2024-32653 MEDIUM

jadx < 1.5.0 - Remote Code Execution via Package Name Injection

CVE-2024-31841 HIGH

Italtel Embrace <1.6.4 - Info Disclosure

CVE-2024-3646 HIGH

GitHub Enterprise Server < 3.9.13 - Authenticated Command Injection via Chat Integration Configuration

CVE-2024-3841 MEDIUM

Google Chrome < 124.0.6367.60 - Script Injection via Browser Switcher

CVE-2024-3029 HIGH

AnythingLLM < 1.0.0 - Unauthenticated User Deletion and Privilege Escalation via Malformed JSON Payload

CVE-2024-3028 HIGH

AnythingLLM < 1.0.0 - Arbitrary File Read and Delete via Logo Filename Manipulation

CVE-2024-3493 HIGH

Rockwellautomation Controllogix 5580 ... - Improper Input Validation

CVE-2024-2424 HIGH

Rockwell Automation 5015-AENFTXT - Info Disclosure

CVE-2024-29838 HIGH

Evolution Controller <2.04.560.31.03.2024 - DoS

CVE-2024-21590 MEDIUM

Juniper Junos OS Evolved DoS via Crafted MPLS IPv4 Packets

CVE-2024-29461 MEDIUM

Floodlight SDN OpenFlow Controller <1.2 - DoS

CVE-2024-3400 CRITICAL KEV

Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution

CVE-2024-30916 HIGH

eProsima FastDDS < 2.14.0 - Denial of Service and Information Disclosure via DurabilityService QoS max_samples Parameter

CVE-2024-1481 MEDIUM

Red Hat Enterprise Linux 8 - Denial of Service via Crafted HTTP Request Parameters

CVE-2024-3385 HIGH

Palo Alto Networks PAN-OS PA-5400/PA-7000 - Packet Processing Denial of Service

CVE-2024-3101 HIGH

mintplex-labs/anything-llm - Privilege Escalation

CVE-2024-31309 HIGH

Apache Traffic Server 8.0.0-8.1.9 9.0.0-9.2.3 - Denial of Service via HTTP/2 CONTINUATION Frames

CVE-2024-20758 CRITICAL

Adobe Commerce <2.4.6-p4-2.4.7-beta3 - RCE

CVE-2024-21507 MEDIUM

mysql2 < 3.9.3 - Cache Poisoning via KeyFromFields Colon Injection

CVE-2024-2650 MEDIUM

Essential Addons for Elementor - WooCommerce <5.9.10 - XSS

Previous Page 76 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy