Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-20270 MEDIUM

Cisco Firepower Threat Defense - Denial of Service via SMB Protocol Preprocessor

CVE-2023-20114 MEDIUM

Cisco Firepower Management Center - RCE

CVE-2023-40062 HIGH

SolarWinds Platform < 2023.4 - Remote Code Execution via Incomplete List of Disallowed Inputs

CVE-2023-40061 HIGH

SolarWinds Platform < 2023.4 - Insecure Job Execution Mechanism

CVE-2023-4197 HIGH

Dolibarr ERP CRM <= 18.0.1 - Remote Code Execution via Website Input

CVE-2023-37833 LOW

Elenos ETG150 FM Transmitter 3.12 - Improper Access Control

CVE-2023-3955 HIGH

Kubernetes < 1.24.17 and 1.28.0 - Privilege Escalation via Windows Pod Creation

CVE-2023-3676 HIGH

kubernetes <1.24.17, >=1.28.0 <1.28.1 - Privilege Escalation via Windows Pod Creation

CVE-2023-21391 HIGH

Android < 14.0 - Remote Denial of Service via Messaging Input Validation

CVE-2023-5832 CRITICAL

AnythingLLM < 0.1.0 - Improper Input Validation

CVE-2023-42431 LOW

BlueSpice 3.0-3.2.10.1 - Authenticated Stored Cross-Site Scripting in Profile Image Dialog

CVE-2023-46289 HIGH

Rockwell Automation FactoryTalk View Site Edition - DoS

CVE-2023-5624 HIGH

Nessus Network Monitor < 6.3.0 - Authenticated Blind SQL Injection via Parameter Alteration

CVE-2023-5044 HIGH

ingress-nginx < 1.9.0 - Code Injection via nginx.ingress.kubernetes.io/permanent-redirect Annotation

CVE-2023-5043 HIGH

ingress-nginx < 1.9.0 - OS Command Injection via Annotation

CVE-2023-45805 HIGH

PDM 2.0.0-2.9.3 - Dependency Confusion via Malicious pdm.lock File

CVE-2023-39456 HIGH

Apache Traffic Server 9.0.0-9.2.2 - Improper Input Validation via Malformed HTTP/2 Frames

CVE-2023-40373 MEDIUM

IBM Db2 11.5-11.5.8 - Denial of Service via Crafted Query with Common Table Expressions

CVE-2023-40372 MEDIUM

IBM Db2 11.5-11.5.8 - Denial of Service via External Tables SQL Statement

CVE-2023-38719 MEDIUM

IBM Db2 11.5 - Denial of Service during Database Deactivation on DPF

CVE-2023-40374 MEDIUM

IBM Db2 11.5-11.5.8 - Denial of Service via Crafted Query Statement

CVE-2023-30991 HIGH

IBM Db2 11.1-11.5 - Denial of Service via Specially Crafted Query

CVE-2023-38740 MEDIUM

IBM Db2 11.5-11.5.8 - Denial of Service via Crafted SQL Statement

CVE-2023-38728 MEDIUM

IBM Db2 10.5, 11.1, <11.5.8 - Denial of Service via Crafted XML Query Statement

CVE-2023-45128 CRITICAL

Fiber < 2.50.0 - Cross-Site Request Forgery via Improper CSRF Token Validation

Previous Page 92 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy