Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,466 vulnerabilities with CWE-20

CVE-2023-41268 MEDIUM

Samsung Open Source Escargot <4.0.0 - Buffer Overflow

CVE-2023-40053 MEDIUM

SolarWinds Serv-U 15.4 - Authenticated Arbitrary File Write via File Share Function

CVE-2023-5188 HIGH

WAGO Telecontrol Configurator and WagoAppRTU < 1.4.6.0 - Unauthenticated Denial of Service via Malformed MMS Packets

CVE-2023-33042 HIGH

Qualcomm 315 5G IoT Modem Firmware - Denial of Service via RRC Setup Message

CVE-2023-48693 HIGH

Azure RTOS ThreadX <6.3.0 - Privilege Escalation

CVE-2023-49291 CRITICAL

tj-actions/branch-names < 7.0.7 - Remote Code Execution via Crafted Branch Name

CVE-2023-40097 HIGH

Android - Local Privilege Escalation via URI Grant in PackageManagerHelper

CVE-2023-47106 MEDIUM

Traefik < 2.10.6 and < 3.0.0-beta5 - URL Fragment Forwarding Bypass

CVE-2023-40687 MEDIUM

IBM DB2 < 10.5.0.11 - Denial of Service via RUNSTATS Command

CVE-2023-38727 MEDIUM

IBM Db2 10.5.0.0-10.5.0.10 - Denial of Service via Crafted SQL Statement

CVE-2023-29258 MEDIUM

IBM Db2 11.1-11.5 - Denial of Service via Federated Query

CVE-2023-47701 MEDIUM

IBM Db2 10.5.0.0-10.5.0.10 - Denial of Service via Crafted Query

CVE-2023-46167 MEDIUM

IBM Db2 11.5.6-11.5.8 - Denial of Service via Specially Crafted Cursor

CVE-2023-45178 MEDIUM

IBM Db2 11.5 CLI - Denial of Service via Specially Crafted Request

CVE-2023-40699 HIGH

IBM InfoSphere Information Server 11.7 - DoS

CVE-2023-34390 MEDIUM

SEL-451 Firmware r315-v0-r315-v4 - Authenticated Denial of Service via Input Validation Issue

CVE-2023-2267 MEDIUM

SEL-411L Firmware r118-v0 to r118-v4 - Reflection Attack via Improper Input Validation

CVE-2023-2264 MEDIUM

SEL-411L Firmware r118-v0 to r118-v4 - Improper Input Validation

CVE-2023-49095 HIGH

nexkey < 12.122.2 - User Impersonation via ActivityPub Request Validation Bypass

CVE-2023-49081 HIGH

aiohttp < 3.9.0 - HTTP Request Smuggling via HTTP Version Manipulation

CVE-2023-5275 LOW

GX Works2 - Denial of Service via Simulation Function Packet Handling

CVE-2023-5274 LOW

GX Works2 - Denial of Service via Simulation Function Packet Handling

CVE-2023-49082 MEDIUM

aiohttp < 3.9.0 - HTTP Request Smuggling via CRLF Injection

CVE-2023-35136 MEDIUM

Zyxel ZLD 4.32-5.37 - Authenticated Configuration File Access via Quagga Package Input Validation

CVE-2023-48226 MEDIUM

OpenReplay < 1.15.0 - HTML Injection in Account Settings Name Field

Previous Page 89 of 499 Next

Details

Vulnerabilities 12,466

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy