Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-22360 MEDIUM

IBM Db2 11.5 - Denial of Service via Crafted Query on Columnar Tables

CVE-2024-29074 MEDIUM

OpenHarmony < 3.2.4 - Arbitrary Code Execution via Improper Input Validation

CVE-2024-28226 HIGH

OpenHarmony 3.2-4.0 - Denial of Service via Improper Input Validation

CVE-2024-21473 CRITICAL

Qualcomm AR8035 Firmware - Memory Corruption via Log File Redirection

CVE-2024-21453 HIGH

Qualcomm C-V2X 9150 Firmware - Denial of Service via Oversized Message Decoding

CVE-2024-21452 HIGH

Qualcomm C-V2X 9150 Firmware - Denial of Service via ASN.1 OER Message Decoding

CVE-2024-29946 HIGH

Splunk Enterprise <9.2.1, 9.1.4, 9.0.9 - Info Disclosure

CVE-2024-20271 HIGH

Cisco IOS XE, Business APs, WLC - DoS via IPv4 Packet Processing

CVE-2024-23482 HIGH

ZScaler Client Connector < 4.2.0.241 - Local Privilege Escalation via ZScalerService Process

CVE-2024-2427 HIGH

Rockwell Automation PowerFlex 527 - DoS

CVE-2024-2426 HIGH

Rockwell Automation PowerFlex 527 - DoS

CVE-2024-2425 HIGH

Rockwell Automation PowerFlex 527 - DoS

CVE-2024-29042 MEDIUM

francisco/translate < 3.0.0 - Cache Poisoning via opt.id Parameter

CVE-2024-27932 MEDIUM

Deno 1.8.0-1.40.3 - Auth Token Leak via Improper Hostname Validation

CVE-2024-27918 HIGH

Coder < 2.6.1, 2.7.0-2.7.2, 2.8.0-2.8.3 - OIDC Email Domain Verification Bypass

CVE-2024-2469 HIGH

GitHub Enterprise Server >=3.8.0 - RCE

CVE-2024-2443 CRITICAL

GitHub Enterprise Server <3.13 - Command Injection

CVE-2024-23634 MEDIUM

GeoServer < 2.23.5 and 2.24.2 - Authenticated Arbitrary File Renaming via REST Coverage Store or Data Store API

CVE-2024-24683 MEDIUM

Apache Hop Engine <2.8.0 - Info Disclosure

CVE-2024-25942 MEDIUM

Dell PowerEdge Server BIOS < 2.19.0 - Arbitrary SMRAM Write via Improper SMM Verification

CVE-2024-28855 HIGH

ZITADEL < 2.41.15 - Cross-Site Scripting in Login UI via Unsanitized Input Parameters

CVE-2024-25656 MEDIUM

AVSystem UMP 23.07.0.16567~LTS - Info Disclosure

CVE-2024-20327 HIGH

Cisco IOS XR < 7.9.21 - Unauthenticated Denial of Service via Malformed PPPoE Packet

CVE-2024-20318 HIGH

Cisco IOS XR Software DoS via Layer 2 Ethernet Frame Handling

CVE-2024-24549 HIGH

Apache Tomcat <11.0.0-M16, <10.1.18, <9.0.85, <=8.5.98 - DoS

Previous Page 78 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy