Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,465 vulnerabilities with CWE-20

CVE-2023-32170 MEDIUM

Unified Automation UaGateway < 1.5.13.487 - Denial of Service via Client Certificate Processing

CVE-2023-38293 HIGH

Nokia C200/C100 - Command Injection

CVE-2023-5397 HIGH

Honeywell Experion Server - Remote Code Execution via Malformed Connection Message

CVE-2023-36505 MEDIUM

Ninja Forms Contact Form <3.6.24 - Info Disclosure

CVE-2023-52385 MEDIUM

Huawei EMUI and HarmonyOS - Out-of-bounds Write in RSMC Module

CVE-2023-52552 HIGH

Huawei EMUI - Denial of Service via Power Module Input Verification

CVE-2023-52535 MEDIUM

Android - Denial of Service via VSP Driver Input Validation

CVE-2023-31028 LOW

NVIDIA nvJPEG2000 Library < 0.7.x - Partial Denial of Service via Crafted Input File

CVE-2023-52296 MEDIUM

IBM DB2 11.5 - Denial of Service via Concurrent UDF Query

CVE-2023-33100 HIGH

Qualcomm AR8035 Firmware - Denial of Service via DL NAS Transport Message

CVE-2023-33099 HIGH

Qualcomm Modem Firmware - NR DL NAS SMS Container Denial of Service

CVE-2023-29134 HIGH

MediaWiki Cargo Extension <= 1.39.3 - Improper Input Validation via Backtick Handling

CVE-2023-46047 HIGH

sane_backends 1.2.1 - Local Arbitrary Code Execution via sanei_configure_attach()

CVE-2023-45177 MEDIUM

IBM MQ 9.0.0.0-9.0.0.20 and 9.3.0-9.3.3 - Denial of Service in Clustering Logic

CVE-2023-51444 HIGH

GeoServer < 2.23.4, 2.24.1 - Authenticated Arbitrary File Upload and Remote Code Execution via REST Coverage Store API

CVE-2023-7248 MEDIUM

OpenText Vertica Management Console 10.x-11.1.1-24 12.0.4-18 - Authentication Bypass via Crafted Requests

CVE-2023-7060 HIGH

Zephyr < 3.6.0 - Improper Input Validation in IP Packet Handling

CVE-2023-32633 MEDIUM

Intel(R) CSME <2328.5.5.0 - Privilege Escalation

CVE-2023-42661 HIGH

JFrog Artifactory < 7.76.2 - Authenticated Arbitrary File Write via Insufficient Artifact Validation

CVE-2023-33104 HIGH

Qualcomm Modem and FastConnect Firmware - Denial of Service via PDU Release Command

CVE-2023-33103 HIGH

Qualcomm AR8035 Firmware - Denial of Service via CAG Info IE Processing

CVE-2023-28578 CRITICAL

Qualcomm 315 5G IoT Modem Firmware - Memory Corruption in Core Services via Event Listener Removal

CVE-2023-44345 MEDIUM

Adobe InDesign < 17.4.2 - Unauthenticated Denial of Service via Malicious File

CVE-2023-50737 CRITICAL

Lexmark Printers - Arbitrary Code Execution via SE Menu Routine

CVE-2023-51747 HIGH

Apache James <3.8.1-3.7.5 - SMTP Smuggling

Previous Page 84 of 499 Next

Details

Vulnerabilities 12,465

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy