CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20
CVE-2023-43799 MEDIUM
Altair < 5.2.5 - Remote Code Execution via External URL Handling
CVSS 5.0
CVE-2023-36619 CRITICAL
Atos Unify OpenScape Session Border Controller <V10 R3.01.03 - RCE
CVSS 9.8
CVE-2023-42449 HIGH
Hydra < 0.13.0 - Unauthenticated Fund Locking and Spoofing via Head Token Validation Flaw
CVSS 8.1
CVE-2023-42448 HIGH
Hydra < 0.13.0 - Improper Validation of Contestation Period in Head Validator
CVSS 8.1
CVE-2023-39191 HIGH
Linux kernel - Privilege Escalation
CVSS 8.2
CVE-2023-38701 CRITICAL
Hydra < 0.12.0 - Unauthenticated Fund Theft via Flawed ViaAbort Redeemer Check
CVSS 9.1
CVE-2023-22515 CRITICAL KEV
Atlassian Confluence Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2023-4586 HIGH
Red Hat Data Grid Hot Rod Client - Improper Certificate Validation
CVSS 7.4
CVE-2023-30690 HIGH
Samsung Android Duo - Privilege Escalation via Improper Input Validation
CVSS 8.5
CVE-2023-42508 MEDIUM
JFrog Artifactory 7.0.0-7.65.9 - Unauthenticated Email Manipulation via Crafted Payload
CVSS 6.5
CVE-2023-24853 HIGH
Qualcomm FastConnect and AR8035 Firmware - Memory Corruption in HLOS
CVSS 8.4
CVE-2023-22382 HIGH
Qualcomm APQ8064AU Firmware - Improper Input Validation in VM Listener Request Processing
CVSS 7.4
CVE-2023-3770 MEDIUM
Ingepac DA3451 Firmware - Unauthenticated Information Disclosure via Discovery Port Protocol
CVSS 5.3
CVE-2023-3769 HIGH
Ingeteam Ingepac FC5066 Firmware - Denial of Service via MMS Protocol Packet Fuzzing
CVSS 8.6
CVE-2023-3768 HIGH
Ingeteam Ingepac DA3451, EF MD, and FC5066 Firmware - Denial of Service via MMS Protocol Packet Fuzzing
CVSS 8.6
CVE-2023-32827 MEDIUM
Android - Local Privilege Escalation via Camera Middleware Input Validation
CVSS 6.7
CVE-2023-32826 MEDIUM
Android - Local Privilege Escalation via Camera Middleware Input Validation
CVSS 6.7
CVE-2023-32820 HIGH
Yocto - Remote Denial of Service via Improper Input Handling
CVSS 7.5
CVE-2023-20231 HIGH
Cisco IOS XE - Authenticated OS Command Injection via Web UI
CVSS 8.8
CVE-2023-2315 HIGH
OpenCart 4.0.0.0-4.0.2.2 - Authenticated Path Traversal via Log Component
CVSS 8.1
CVE-2023-41303 HIGH
Distributed File System - Command Injection
CVSS 7.5
CVE-2023-41300 HIGH
Huawei PMS Module - Parameter Validation Denial of Service
CVSS 7.5
CVE-2023-5143 MEDIUM
D-Link DAR-7000 <20151231 - Info Disclosure
CVSS 6.3
CVE-2023-42798 HIGH
hollowaykeanho/automataci < 1.5.0 - Git Repository Reset via Release Job
CVSS 8.2
CVE-2023-42805 HIGH
Quinn < 0.9.5 - Improper Input Validation
CVSS 7.5