CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-49368	Unchecked logrotate settings lead to arbitrary command execution — nginx-ui	8.8^AI	High^AI	2024-10-21
CVE-2024-49361	Potential Vulnerability in ACON Library: Improper Input Validation Leading to Malicious Code Execution — ACON	9.8	-	2024-10-18
CVE-2024-48918	Lack of Input Validation in RDS Light - Potential for Injection Attacks and Memory Tampering — RDSlight	9.8^AI	Critical^AI	2024-10-16
CVE-2024-9348	Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view — Docker Desktop	9.8^AI	Critical^AI	2024-10-16
CVE-2024-45219	Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure — Apache CloudStack	8.5	High	2024-10-16
CVE-2024-6207	Rockwell Automation多款产品安全漏洞 — ControlLogix® 5580	7.5	High	2024-10-14
CVE-2024-8755	Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. — LoadMaster	8.4	High	2024-10-11
CVE-2024-9507	Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder	4.9	Medium	2024-10-11
CVE-2024-45117	Adobe Commerce \| Improper Input Validation (CWE-20) — Adobe Commerce	7.6	High	2024-10-10
CVE-2024-47823	Livewire Remote Code Execution (RCE) on File Uploads — livewire	9.8^AI	Critical^AI	2024-10-08
CVE-2024-43611	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2019	8.8	High	2024-10-08
CVE-2024-43593	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2019	8.8	High	2024-10-08
CVE-2024-43592	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2019	8.8	High	2024-10-08
CVE-2024-43561	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43558	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43557	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43523	Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809	6.8	Medium	2024-10-08
CVE-2024-30092	Windows Hyper-V Remote Code Execution Vulnerability — Windows 10 Version 1809	8.0	High	2024-10-08
CVE-2024-38265	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2019	8.8	High	2024-10-08
CVE-2024-20659	Windows Hyper-V Security Feature Bypass Vulnerability — Windows 10 Version 1809	7.1	High	2024-10-08
CVE-2024-43542	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43540	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43538	Windows Mobile Broadband Driver Denial of Service Vulnerability — Windows 10 Version 1809	6.5	Medium	2024-10-08
CVE-2024-43525	Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809	6.8	Medium	2024-10-08
CVE-2024-43526	Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809	6.8	Medium	2024-10-08
CVE-2024-38261	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2019	7.8	High	2024-10-08
CVE-2024-8518	Schneider Electric Zelio Soft 输入验证错误漏洞 — Zelio Soft 2	3.3	Low	2024-10-08
CVE-2024-43697	Liteos_a has an Improper Input Validation vulnerability — OpenHarmony	3.3	Low	2024-10-08
CVE-2024-31449	Lua library commands may lead to stack overflow and RCE in Redis — redis	7.0	High	2024-10-07
CVE-2024-31227	Denial-of-service due to malformed ACL selectors in Redis — redis	4.4	Medium	2024-10-07

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-20 (输入验证不恰当) — Vulnerability Class 3267