Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2023-37559 MEDIUM

CODESYS Control Runtime < 4.10.0.0 & < 3.5.19.20 - Authenticated DoS via Invalid Address Read

CVE-2023-37558 MEDIUM

CODESYS Control Runtime <3.5.19.20 & Control SL <4.10.0.0 - Authenticated DoS via Invalid Address Read

CVE-2023-37556 MEDIUM

CODESYS Control Runtime < 4.10.0.0 - Authenticated Denial of Service via CmpAppBP Invalid Address Read

CVE-2023-37555 MEDIUM

CODESYS Control Runtime SL < 3.5.19.20 - Authenticated Denial of Service via CmpAppBP Invalid Address Read

CVE-2023-37554 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via CmpAppBP Invalid Address Read

CVE-2023-37553 MEDIUM

CODESYS Control Runtime SL < 4.10.0.0 & < 3.5.19.20 - Authenticated DoS via CmpAppBP Invalid Address Read

CVE-2023-37552 MEDIUM

CODESYS Control Runtime SL < 4.10.0.0 - Authenticated Denial of Service via CmpAppBP Invalid Address Read

CVE-2023-37550 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via Crafted Network Requests

CVE-2023-37549 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via Crafted Network Requests

CVE-2023-37548 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via CmpApp Invalid Address Read

CVE-2023-37547 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via Crafted Network Requests

CVE-2023-37546 MEDIUM

CODESYS Control Runtime < 4.10.0.0 and < 3.5.19.20 - Authenticated Denial of Service via CmpApp Invalid Address Read

CVE-2023-37545 MEDIUM

CODESYS Control Runtime - Authenticated Denial of Service via Crafted Network Requests

CVE-2023-38495 HIGH

Crossplane <1.11.5, <1.12.3, <1.13.0 - Info Disclosure

CVE-2023-28130 HIGH

Check Point Gaia Portal - Privilege Escalation via Hostnames Page

CVE-2023-38502 MEDIUM

TDengine < 3.0.7.1 - Denial of Service via UDF Nested Query

CVE-2023-35944 HIGH

Envoy <1.27.0-1.23.12 - Info Disclosure

CVE-2023-38060 MEDIUM

OTRS 6.0.1-6.0.34 and 7.0.0-7.0.44 - Authenticated Host Header Injection via Ticket Attachment ContentType Parameter

CVE-2023-38057 MEDIUM

OTRS Survey 6.0.0-6.0.22, 7.0.0-7.0.32 - Stored Cross-Site Scripting in Free Text Answers

CVE-2023-37915 HIGH

OpenDDS - Denial of Service via Malformed PID_PROPERTY_LIST in DATA Submessage

CVE-2023-3466 HIGH

Citrix NetScaler ADC and Gateway 12.1-55.297 13.0-91.13 - Reflected Cross-Site Scripting

CVE-2023-28513 MEDIUM

IBM MQ and MQ Appliance - Denial of Service via Message Processing Error

CVE-2023-33832 MEDIUM

IBM Spectrum Protect <8.1.17.0 - DoS

CVE-2023-3724 CRITICAL

wolfssl < 5.6.2 - Predictable IKM Value in TLS 1.3 Session Key Generation

CVE-2023-36466 LOW

Discourse < 3.0.5 - Improper Authentication via Topic Title Validation Bypass

Previous Page 99 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy