Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-32617 HIGH

Intel NUC BIOS Firmware - Privilege Escalation via Improper Input Validation

CVE-2023-29494 HIGH

Intel NUC 11 Pro Kit and Board Firmware - Privilege Escalation via BIOS Input Validation

CVE-2023-26587 HIGH

Intel(R) Easy Streaming Wizard - Privilege Escalation

CVE-2023-22449 HIGH

Intel(R) NUC BIOS - Privilege Escalation

CVE-2023-32560 CRITICAL

Ivanti Avalanche < 6.4.1 - Remote Code Execution via Crafted Message

CVE-2023-39209 MEDIUM

Zoom Desktop Client for Windows <5.15.5 - Info Disclosure

CVE-2023-36899 HIGH

.NET Framework - Elevation of Privilege via ASP.NET

CVE-2023-36873 HIGH

.NET Framework - Privilege Escalation

CVE-2023-3894 MEDIUM

jackson-dataformats-text < 2.15.0 - Denial of Service via TOML Parser Stack Overflow

CVE-2023-38254 MEDIUM

Microsoft Windows MSMQ - Denial of Service

CVE-2023-36912 HIGH

Microsoft Windows 10/11 and Windows Server - Denial of Service in Message Queuing

CVE-2023-36897 HIGH

Microsoft Visual Studio Tools for Office Runtime - Spoofing

CVE-2023-36893 MEDIUM

Microsoft Outlook - Email Spoofing via Improper Input Validation

CVE-2023-35377 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Denial of Service in Message Queuing

CVE-2023-35376 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Denial of Service in Microsoft Message Queuing

CVE-2023-35368 HIGH

Microsoft Exchange Server - Remote Code Execution

CVE-2023-39532 CRITICAL

SES 0.13.0-0.18.7 Arbitrary Code Execution via Dynamic Import Spread Operator

CVE-2023-21647 MEDIUM

Qualcomm Bluetooth Firmware - Information Disclosure via GATT Packet

CVE-2023-21627 MEDIUM

Qualcomm Trusted Execution Environment Firmware - Memory Corruption

CVE-2023-39530 MEDIUM

PrestaShop < 8.1.1 - Unauthenticated Arbitrary File Deletion via CustomerMessage API

CVE-2023-39529 MEDIUM

PrestaShop < 8.1.1 - Arbitrary File Deletion via Attachments Controller

CVE-2023-38704 HIGH

import-in-the-middle < 1.4.2 - Remote Code Execution via User-Supplied Input to import()

CVE-2023-27373 MEDIUM

Insyde InsydeH2O 5.0-5.5 - Improper Input Validation in EFI Variable Handling

CVE-2023-38690 MEDIUM

matrix-appservice-irc <1.0.1 - Command Injection

CVE-2023-30952 MEDIUM

Palantir Foundry < 6.228.0 - Phishing Link Creation via Issue Request Editing

Previous Page 98 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy