Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-25131 Openshift-dedicated: must-gather-operator: yaml template injection leads to privilege escalation 8.8 High2024-12-19
CVE-2024-52590 Missing validation allows spoofed profiles in Misskey — misskey 8.8 -2024-12-18
CVE-2024-52591 Missing validation allows spoofed profiles and notes in Misskey — misskey 8.1 -2024-12-18
CVE-2024-52592 Missing validation allows spoofed poll updates in Misskey — misskey 5.3 -2024-12-18
CVE-2024-52593 Missing validation allows spoofed "origin" links in Misskey — misskey 5.4 -2024-12-18
CVE-2024-55952 Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability — dataease 8.8 -2024-12-18
CVE-2020-12487 Command Execution Vulnerability in ABE service — ABE 7.0 High2024-12-17
CVE-2024-21544 Browsershot 安全漏洞 — spatie/browsershot 8.6 High2024-12-13
CVE-2024-47238 Dell Client Platform BIOS 输入验证错误漏洞 — Dell Client Platform BIOS 7.5 High2024-12-12
CVE-2024-54101 HUAWEI HarmonyOS和EMUI 安全漏洞 — HarmonyOS 6.2 Medium2024-12-12
CVE-2024-54100 HUAWEI HarmonyOS和EMUI 安全漏洞 — HarmonyOS 6.2 Medium2024-12-12
CVE-2024-12401 Cert-manager: potential dos when parsing specially crafted pem inputs 4.4 Medium2024-12-12
CVE-2024-11737 Schneider Electric Modicon Controllers 输入验证错误漏洞 — Modicon Controllers M241 / M251 9.8 Critical2024-12-11
CVE-2024-55655 sigstore-python has insufficient validation of integration timestamp during verification — sigstore-python 6.5 -2024-12-10
CVE-2024-55653 pwndoc's UnhandledPromiseRejection on audits causes Denial of Service (DoS) — pwndoc 6.5 Medium2024-12-10
CVE-2024-52831 Adobe Experience Manager | Improper Input Validation (CWE-20) — Adobe Experience Manager 3.5 Low2024-12-10
CVE-2024-43755 Adobe Experience Manager | Improper Input Validation (CWE-20) — Adobe Experience Manager 3.5 Low2024-12-10
CVE-2024-52982 Animate | Improper Input Validation (CWE-20) — Animate 7.8 High2024-12-10
CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability — Windows 10 Version 1809 4.6 Medium2024-12-10
CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 6.8 Medium2024-12-10
CVE-2024-49057 Microsoft Defender for Endpoint on Android Spoofing Vulnerability — Microsoft Defender for Endpoint for Android 8.1 High2024-12-10
CVE-2024-52051 Siemens SIMATIC WinCC和Siemens SIMATIC STEP 输入验证错误漏洞 — SIMATIC S7-PLCSIM V17 7.3 High2024-12-10
CVE-2024-45761 Dell OpenManage Server Administrator 输入验证错误漏洞 — Dell OpenManage Server Administrator 5.4 Medium2024-12-09
CVE-2024-46901 Apache Subversion: mod_dav_svn denial-of-service via control characters in paths — Apache Subversion 3.1 Low2024-12-09
CVE-2024-12355 SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation — Phone Contact Manager System 3.3 Low2024-12-09
CVE-2024-12353 SourceCodester Phone Contact Manager System User Menu MenuDisplayStart input validation — Phone Contact Manager System 3.3 Low2024-12-09
CVE-2024-54140 sigstore-java has a vulnerability with bundle verification — sigstore-java--2024-12-05
CVE-2024-11985 ASUS RT-AX55 安全漏洞 — RT-AX55 4.4 Medium2024-12-04
CVE-2024-52815 Synapse allows a a malformed invite to break the invitee's `/sync` — synapse--2024-12-03
CVE-2024-43052 Improper Input Validation in Video Analytics and Processing — Snapdragon 7.8 High2024-12-02

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.