Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2024-22769 HIGH

Hitron Systems DVR HVR-8781 <4.02 - Info Disclosure

CVE-2024-22768 HIGH

Hitron Systems DVR HVR-4781 <4.02 - Info Disclosure

CVE-2024-23678 HIGH

Splunk Enterprise for Windows 9.0.0-9.0.8 - Unsafe Deserialization via Path Input

CVE-2024-23676 MEDIUM

Splunk Cloud < 9.1.2308.200 and Splunk 9.0.0-9.0.8 - Unauthorized Metrics Access via mrollup SPL Command

CVE-2024-0396 HIGH

Progress MOVEit Transfer < 2022.0.10, 2022.1.11, 2023.0.8, 2023.1.3 - DoS via HTTPS Parameter Manipulation

CVE-2024-0507 MEDIUM

GitHub Enterprise Server - Privilege Escalation

CVE-2024-20721 MEDIUM

Acrobat Reader T5 (MSFT Edge) <120.0.2210.91 - DoS

CVE-2024-20709 MEDIUM

Acrobat Reader T5 (MSFT Edge) <120.0.2210.91 - DoS

CVE-2024-22027 MEDIUM

WordPress Quiz Maker Plugin <6.5.0.6 - DoS

CVE-2024-22199 CRITICAL

gofiber/template < 3.1.9 - Cross-Site Scripting via Autoescape Bypass

CVE-2024-21319 MEDIUM

.NET 6.0.0-6.0.25 and IdentityModel 5.0.0-5.6.9 - Denial of Service

CVE-2024-21316 MEDIUM

Windows Server Key Distribution Service - Security Feature Bypass via Improper Input Validation

CVE-2024-21312 HIGH

.NET Framework - Denial of Service

CVE-2024-20666 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-23H2 - BitLocker Security Feature Bypass

CVE-2024-0057 CRITICAL

PowerShell 7.2-7.2.17 - Security Feature Bypass via Improper Input Validation

CVE-2024-22165 MEDIUM

Splunk Enterprise Security < 7.1.2 - Authenticated Denial of Service via Malformed Investigation

CVE-2024-21663 CRITICAL

demon1a discord-recon < 0.0.8 - Unauthenticated Remote Code Execution

CVE-2024-21625 HIGH

SideQuest < 0.10.35 - Remote Code Execution via Deep Link URL Sanitization Bypass

CVE-2024-21631 MEDIUM

Vapor < 4.90.0 - Integer Overflow in URI Parser

CVE-2024-21627 HIGH

PrestaShop < 1.7.8.11 and 8.0.0-beta.1-8.1.3 - Cross-Site Scripting via isCleanHTML Method Bypass

CVE-2023-21473 MEDIUM

Samsung Android - Remote Code Execution via Exynos Fastboot USB Interface

CVE-2023-21472 MEDIUM

Samsung Android - Authenticated Remote Code Execution via Exynos Fastboot USB Interface

CVE-2023-28911 MEDIUM

Volkswagen MIB3 infotainment system MIB3 OI MQB <0304 - Denial of Service via Bluetooth Stack

CVE-2023-42981 MEDIUM

macOS - Denial of Service or Memory Disclosure via File Processing

CVE-2023-42977 HIGH

iPadOS < 17.0 - Sandbox Escape via Path Handling Issue

Previous Page 82 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy