Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-33066 Improper Input Validation in WLAN Resource Manager — Snapdragon 9.8 Critical2024-10-07
CVE-2024-33065 Improper Input Validation in Camera — Snapdragon 8.4 High2024-10-07
CVE-2024-25590 Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor — Recursor 7.5 High2024-10-03
CVE-2024-9407 Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction 4.7 Medium2024-10-01
CVE-2024-6436 Rockwell Automation Input Validation Vulnerability exists in the SequenceManager™ Server — SequenceManager™ 8.6AIHighAI2024-09-27
CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer — libppd 8.6 High2024-09-26
CVE-2024-47076 libcupsfilters's cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server — libcupsfilters 8.6 High2024-09-26
CVE-2024-47179 RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning which may lead to a full repository takeover. — RSSHub 8.8 High2024-09-26
CVE-2024-20464 Cisco IOS XE Software 安全漏洞 — Cisco IOS XE Software 8.6 High2024-09-25
CVE-2024-8889 Improper Input Validation vulnerability on CIRCUTOR TCP2RS+ — CIRCUTOR TCP2RS+ 9.3 Critical2024-09-18
CVE-2024-45537 Apache Druid: Users can provide MySQL JDBC properties not on allow list — Apache Druid 6.5 -2024-09-17
CVE-2024-45612 Insert tag injection via canonical URL in Contao — contao 5.3 Medium2024-09-17
CVE-2024-45798 Multiple Poisoned Pipeline Execution (PPE) vulnerabilities — arduino-esp32 10.0 Critical2024-09-17
CVE-2024-6077 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP — CompactLogix 5380 7.5AIHighAI2024-09-12
CVE-2024-6658 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. — LoadMaster 8.4 High2024-09-12
CVE-2024-45825 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message — 5015-U8IHFT 7.5 High2024-09-12
CVE-2024-20406 Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability — Cisco IOS XR Software 7.4 High2024-09-11
CVE-2024-38194 Azure Web Apps Elevation of Privilege Vulnerability — Azure Web Apps 8.4 High2024-09-10
CVE-2024-43455 Windows Remote Desktop Licensing Service Spoofing Vulnerability — Windows Server 2019 8.8 High2024-09-10
CVE-2024-38245 Kernel Streaming Service Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2024-09-10
CVE-2024-38243 Kernel Streaming Service Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2024-09-10
CVE-2024-38244 Kernel Streaming Service Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2024-09-10
CVE-2024-38234 Windows Networking Denial of Service Vulnerability — Windows 10 Version 1809 6.5 Medium2024-09-10
CVE-2024-38046 PowerShell Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2024-09-10
CVE-2024-37965 Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2017 (GDR) 8.8 High2024-09-10
CVE-2024-38241 Kernel Streaming Service Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2024-09-10
CVE-2024-38230 Windows Standards-Based Storage Management Service Denial of Service Vulnerability — Windows Server 2019 6.5 Medium2024-09-10
CVE-2024-38216 Azure Stack Hub Elevation of Privilege Vulnerability — Azure Stack Hub 8.2 High2024-09-10
CVE-2024-42424 Dell Precision Rack BIOS 输入验证错误漏洞 — Dell Precision Rack BIOS 5.3 Medium2024-09-10
CVE-2024-8445 389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199) 5.7 Medium2024-09-05

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.