Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-39265 LOW

Apache Superset <= 2.1.0 - SQLite Database Connection Manipulation via Alternative Driver Names

CVE-2023-30712 MEDIUM

Samsung Android - Arbitrary Activity Launch via Settings Suggestions

CVE-2023-39357 HIGH

Cacti - Authenticated SQL Injection and Remote Code Execution via sql_save Function

CVE-2023-34317 MEDIUM

OAS Platform 18.00.0072 - Improper Input Validation in User Creation

CVE-2023-40743 CRITICAL

Apache Axis 1.x - Server-Side Request Forgery and Remote Code Execution via ServiceFactory.getService

CVE-2023-32811 MEDIUM

Yocto - Local Privilege Escalation via Improper Input Validation in Connectivity System Driver

CVE-2023-33914 HIGH

Android - Remote Information Disclosure via NIA0 Algorithm in Security Mode Command

CVE-2023-4698 HIGH

memos < 0.13.2 - Improper Input Validation

CVE-2023-4481 HIGH

Juniper Junos OS and Junos OS Evolved - Unauthenticated Denial of Service via Crafted BGP UPDATE Messages

CVE-2023-41748 CRITICAL

Acronis Cloud Manager < 6.2.23089.203 - Remote Code Execution

CVE-2023-41746 CRITICAL

Acronis Cloud Manager < 6.2.23089.203 - Remote Code Execution

CVE-2023-39137 HIGH

Archive < 3.3.8 - Filename Spoofing via Inconsistent Zip Parsing

CVE-2023-26095 HIGH

Stormshield SNS <4.3.16, <4.6.3 - Crash

CVE-2023-27604 HIGH

Apache Airflow Sqoop Provider < 4.0.0 - Authenticated Remote Code Execution via Sqoop Import Connection Parameters

CVE-2023-40798 HIGH

Tenda AC23 v16.03.07.45_cn - Buffer Overflow

CVE-2023-40797 HIGH

Tenda AC23 <16.03.07.45_cn - Buffer Overflow

CVE-2023-40801 HIGH

Tenda AC23 <16.03.07.45_cn - Buffer Overflow

CVE-2023-40800 HIGH

Tenda AC23 <16.03.07.45_cn - Buffer Overflow

CVE-2023-3705 HIGH

CP-Plus NVR Firmware < b3223p22c02424 - Unauthenticated Sensitive Information Disclosure via Web Interface

CVE-2023-3704 MEDIUM

Cpplusworld Cp-uvr-1601e1-hc Firmware - Improper Input Validation

CVE-2023-20169 HIGH

Cisco NX-OS - Denial of Service via IS-IS Packet Parsing

CVE-2023-20168 HIGH

Cisco NX-OS - Unauthenticated Denial of Service via TACACS+ or RADIUS Authentication Input

CVE-2023-25915 CRITICAL

Danfoss AK-SM 800A Firmware < 3.3 - Authenticated Remote Code Execution

CVE-2023-36674 MEDIUM

MediaWiki <1.35.11, <1.38.7, <1.39.4, <1.40.1 - Auth Bypass

CVE-2023-4435 MEDIUM

hamza417/inure < build88 - Improper Input Validation

Previous Page 96 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy