Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-38720 MEDIUM

IBM Db2 11.5 - Denial of Service via ALTER TABLE Statement

CVE-2023-30987 MEDIUM

IBM Db2 10.5, 11.1, <11.5.8 - Denial of Service via Crafted Query

CVE-2023-5421 LOW

OTRS 6.0.0-6.0.34 and 7.0.0-7.0.46 - Authenticated Stored Cross-Site Scripting via CustomerID Field Manipulation

CVE-2023-45176 MEDIUM

IBM App Connect Enterprise 11.0.0.1-11.0.0.23, 12.0.1.0-12.0.10.0 & IBM Integration Bus 10.1-10.1.0.1 DoS

CVE-2023-29464 HIGH

FactoryTalk Linx - Unauthenticated Information Disclosure and Denial of Service via Malicious Packet Size

CVE-2023-5571 HIGH

vrite < 0.3.0 - Improper Input Validation

CVE-2023-26367 MEDIUM

Adobe Commerce <2.4.7-beta1, 2.4.6-p2, 2.4.5-p4, 2.4.4-p5 - Info Di...

CVE-2023-44204 MEDIUM

Juniper Junos OS and Junos OS Evolved - Unauthenticated Denial of Service via Malformed BGP UPDATE Packet

CVE-2023-44192 HIGH

Juniper Junos OS QFX5000 Series DoS via DHCP Memory Leak

CVE-2023-44185 HIGH

Juniper Junos OS < 20.4R3-S6 - Denial of Service via Malformed ISO VPN BGP UPDATE Packet

CVE-2023-44183 MEDIUM

Juniper Junos OS on QFX5000/EX4600 - Unauthenticated DMA Memory Leak via VxLAN Packet Forwarding Engine

CVE-2023-32721 HIGH

Zabbix 4.0.0-4.0.46 - Stored Cross-Site Scripting in Maps URL Field

CVE-2023-44110 MEDIUM

Huawei EMUI and HarmonyOS - Out-of-Bounds Access in Audio Module

CVE-2023-44103 HIGH

HarmonyOS - Out-of-bounds Read in Bluetooth Module

CVE-2023-45648 MEDIUM

Apache Tomcat 8.5.0-8.5.93, 9.0.0-M1-9.0.81, 10.1.0-M1-10.1.13, 11.0.0-M1-M11 HTTP Request Smuggling

CVE-2023-36731 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Elevation of Privilege in Win32k

CVE-2023-36707 MEDIUM

Windows Server 2012, 2016, 2019, 2022 - Denial of Service in Deployment Services

CVE-2023-36706 MEDIUM

Windows Deployment Services - Info Disclosure

CVE-2023-36697 MEDIUM

Windows 10/11 and Windows Server 2008/2012/2016/2019 - Remote Code Execution in MSMQ

CVE-2023-36585 HIGH

Windows 10/11 upnphost.dll DoS (1507-22H2)

CVE-2023-36566 MEDIUM

Microsoft Common Data Model SDK - DoS

CVE-2023-36563 MEDIUM KEV

Microsoft WordPad - Info Disclosure

CVE-2023-35349 CRITICAL

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in MSMQ

CVE-2023-32485 CRITICAL

Dell SmartFabric Storage Software < 1.4.0 - Unauthenticated Privilege Escalation

CVE-2023-43073 MEDIUM

Dell SmartFabric Storage Software <1.4 - SQL Injection

Previous Page 93 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy