Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-21413 CRITICAL KEV

Microsoft 365 Apps and Office 2016-2019 - Remote Code Execution via Moniker Link

CVE-2024-21374 MEDIUM

Microsoft Teams < 1.0.0.2024022302 - Information Disclosure

CVE-2024-21315 HIGH

Microsoft Defender for Endpoint < 10.0.25398.531 - Elevation of Privilege

CVE-2024-21304 MEDIUM

Windows 10 1809-22H2, Windows 11 21H2-23H2, Windows Server 2019-2022 - Trusted Compute Base Elevation of Privilege

CVE-2024-20684 MEDIUM

Windows 11/Server 2022 Hyper-V DoS (21H2<22000.2777, 22H2<22621.3155, 23H2<22631.3155, 2022<20348.2322, 23H2<25398.709)

CVE-2024-23324 HIGH

Envoy 1.26.0-1.26.6 - Authentication Bypass via Invalid gRPC Request

CVE-2024-1246 LOW

Concrete CMS 9.0.0-9.2.4 - Reflected Cross-Site Scripting via Image URL Import Feature

CVE-2024-1245 LOW

Concrete CMS 9.0.0-9.2.4 - Stored Cross-Site Scripting in File Tags and Description Attributes

CVE-2024-1247 LOW

Concrete CMS 9.0.0-9.2.4 - Stored Cross-Site Scripting via Role Name Field

CVE-2024-22119 MEDIUM

Zabbix - Improper Input Validation Leading to Information Disclosure

CVE-2024-0955 MEDIUM

Nessus < 10.7.0 - Authenticated Stored Cross-Site Scripting via Proxy Settings

CVE-2024-24941 MEDIUM

JetBrains IntelliJ IDEA <2023.3.3 - Open Redirect

CVE-2024-20004 HIGH

mediatek nr15 - Remote Denial of Service via Invalid NR RRC Connection Setup Message

CVE-2024-20003 HIGH

MediaTek NR15 - Remote Denial of Service via Invalid NR RRC Connection Setup Message

CVE-2024-21863 MEDIUM

OpenHarmony < 3.2.4 - Denial of Service via Improper Input Validation

CVE-2024-0285 MEDIUM

OpenHarmony <= 4.0.0 - Denial of Service via Improper Input Validation

CVE-2024-21388 MEDIUM

Microsoft Edge Chromium < 121.0.2277.83 - Elevation of Privilege

CVE-2024-1019 HIGH

OWASP ModSecurity 3.0.0-3.0.11 - Web Application Firewall Bypass via Percent-Encoded URL Path

CVE-2024-23790 LOW

OTRS <7.0.48-8.0.37-2023.1.1 - Info Disclosure

CVE-2024-23655 HIGH

Tutanota 3.118.12-3.119.10 - Denial of Service via Malformed Email

CVE-2024-23641 HIGH

SvelteKit 2.0.0-2.4.2 - Denial of Service via GET Request with Body

CVE-2024-23842 HIGH

Hitron LGUVR-16H Firmware 1.02-4.02 - Unauthenticated Network Attack via Default Credentials

CVE-2024-22772 HIGH

Hitron Systems DVR LGUVR-8H <4.02 - Info Disclosure

CVE-2024-22771 HIGH

Hitron Systems DVR LGUVR-4H <4.02 - Info Disclosure

CVE-2024-22770 HIGH

Hitron Systems DVR HVR-16781 <4.02 - Info Disclosure

Previous Page 81 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy