Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,466 vulnerabilities with CWE-20

CVE-2023-41782 LOW

ZTE ZXCLOUD iRAI < 7.23.30 - DLL Hijacking via Uncontrolled Search Path

CVE-2023-6992 MEDIUM

Cloudflare zlib < 2023-11-16 - Denial of Service via Deflation Algorithm Memory Corruption

CVE-2023-6738 MEDIUM

Page Builder: Pagelayer < 1.7.8 - Authenticated Stored Cross-Site Scripting via Header/Body/Footer Code Meta Fields

CVE-2023-50256 HIGH

froxlor < 2.1.2 - Improper Input Validation via Registration Form Bypass

CVE-2023-46929 HIGH

GPAC 2.3-DEV-rev605-gfc9e29089-master - Denial of Service in MP4Box AVC VUI Parser

CVE-2023-49551 HIGH

Cesanta mjs 2.20.0 - Denial of Service via mjs_op_json_parse Function

CVE-2023-33014 HIGH

Qualcomm AR8035 Firmware - Information Disclosure via Diag Command Processing

CVE-2023-26159 HIGH

follow-redirects < 1.15.4 - URL Redirection to Untrusted Site via Improper Hostname Parsing

CVE-2023-32890 HIGH

MediaTek LR13 NR15 NR16 NR17 - Remote Denial of Service via Modem EMM Input Validation

CVE-2023-49299 HIGH

Apache DolphinScheduler <3.1.9 - XSS

CVE-2023-52137 HIGH

tj-actions/verify-changed-files < 17.0.0 - Command Injection via Changed Filename Special Characters

CVE-2023-47804 HIGH

Apache OpenOffice < 4.1.15 - Unauthenticated Arbitrary Script Execution via Macro Link Activation

CVE-2023-7163 CRITICAL

D-Link D-View 8 <= 2.0.2.89 - Improper Input Validation in Probe Inventory

CVE-2023-6879 CRITICAL

aomedia < 3.7.1 - Heap Overflow via Multi-Threaded Video Frame Resolution Increase

CVE-2023-31455 HIGH

Pexip Infinity <31.2 - Buffer Overflow

CVE-2023-31289 HIGH

Pexip Infinity <31.2 - Remote Code Execution

CVE-2023-39251 MEDIUM

Dell BIOS < 1.27.0 - Memory Corruption via Improper Input Validation

CVE-2023-45165 MEDIUM

IBM AIX 7.2 and 7.3 - Denial of Service via SMB Client

CVE-2023-6784 MEDIUM

Progress Sitefinity 4.0-13.3.7648 - Phishing Email Distribution

CVE-2023-0011 HIGH

u-blox TOBY-L2 Series - OS Command Injection via AT Commands

CVE-2023-47705 MEDIUM

IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.1 Username Manipulation via Input Validation

CVE-2023-47161 MEDIUM

IBM UrbanCode Deploy 7.0.0.0-7.0.5.18 - Denial of Service via Archive File Upload

CVE-2023-42012 MEDIUM

IBM UrbanCode Deploy 7.2.0.0-7.2.3.7 and 7.3.0.0-7.3.2.2 - Denial of Service via Windows Service Path

CVE-2023-45172 MEDIUM

IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via AIX Windows

CVE-2023-22439 LOW

Gallagher Controller <8.90.231204a-8.80.1369-8.70.2375-8.60.231116a...

Previous Page 87 of 499 Next

Details

Vulnerabilities 12,466

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy