CWE-20 (Improper Input Validation) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-36390 | MileSight DeviceHub - CWE-20 Improper Input Validation — DeviceHub | 7.5 | High | 2024-06-02 |
| CVE-2024-34009 | moodle: ReCAPTCHA can be bypassed on the login page | 9.1 | - | 2024-05-31 |
| CVE-2024-33999 | moodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php | 5.4 | - | 2024-05-31 |
| CVE-2024-33996 | moodle: broken access control when setting calendar event type — Moodle | 4.3 | - | 2024-05-31 |
| CVE-2024-22338 | IBM Security Verify Access OIDC Provider information disclosure — Security Verify Access OIDC Provider | 4.0 | Medium | 2024-05-31 |
| CVE-2024-3584 | Path Traversal in qdrant/qdrant — qdrant/qdrant | 9.8 (AI) | Critical (AI) | 2024-05-30 |
| CVE-2024-3657 | 389-ds-base: potential denial of service via specially crafted kerberos as-req request — Red Hat Directory Server 11.5 E4S for RHEL 8 | 7.5 | High | 2024-05-28 |
| CVE-2024-2199 | 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c | 5.7 | Medium | 2024-05-28 |
| CVE-2024-4287 | Improper Input Validation in mintplex-labs/anything-llm — mintplex-labs/anything-llm | 7.2 (AI) | High (AI) | 2024-05-20 |
| CVE-2021-22508 | Potential SQL injection in OpenText Operations Bridge Reporter — Operations Bridge Reporter | 7.2 | High | 2024-05-17 |
| CVE-2024-22429 | Dell BIOS input validation error vulnerability — CPG BIOS | 7.5 | High | 2024-05-17 |
| CVE-2024-22120 | Time Based SQL Injection in Zabbix Server Audit Log — Zabbix | 9.1 | Critical | 2024-05-17 |
| CVE-2024-4609 | Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability — FactoryTalk® View SE | 9.8 (AI) | Critical (AI) | 2024-05-16 |
| CVE-2024-4321 | Local File Inclusion (LFI) in gaizhenbiao/chuanhuchatgpt — gaizhenbiao/chuanhuchatgpt | 7.5 (AI) | High (AI) | 2024-05-16 |
| CVE-2024-20394 | Cisco AppDynamics Network Visibility Agent security vulnerability — Cisco AppDynamics | 5.5 | Medium | 2024-05-15 |
| CVE-2024-3488 | File Upload vulnerability in unauthenticated session found in iManager. — iManager | 5.6 | Medium | 2024-05-15 |
| CVE-2024-3968 | Remote Code Execution vulnerability in the iManager — iManager | 7.8 | High | 2024-05-15 |
| CVE-2024-2248 | JFrog Artifactory Header Injection — Artifactory | 6.4 | Medium | 2024-05-15 |
| CVE-2024-34098 | ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2 — Acrobat Reader | 7.8 | High | 2024-05-15 |
| CVE-2024-3676 | Proofpoint Enterprise Protection input validation error vulnerability — Enterprise Protection | 7.5 | High | 2024-05-14 |
| CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability — PowerBI-client JS SDK | 6.5 | Medium | 2024-05-14 |
| CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability — Windows 10 Version 1809 | 8.8 | High | 2024-05-14 |
| CVE-2024-30002 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809 | 6.8 | Medium | 2024-05-14 |
| CVE-2024-29998 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability — Windows 10 Version 1809 | 6.8 | Medium | 2024-05-14 |
| CVE-2024-3372 | MongoDB Server may have unexpected application behaviour due to invalid BSON — MongoDB Server | 7.5 | High | 2024-05-14 |
| CVE-2024-25970 | Dell PowerScale OneFS input validation error vulnerability — PowerScale OneFS | 6.5 | Medium | 2024-05-14 |
| CVE-2024-30258 | FastDDS crash when publisher send malformed packet — Fast-DDS | 8.2 | High | 2024-05-13 |
| CVE-2024-25641 | Cacti RCE vulnerability when importing packages — cacti | 9.1 | Critical | 2024-05-13 |
| CVE-2024-25581 | Transfer requests received over DoH can lead to a denial of service in DNSdist — DNSdist | 7.5 | High | 2024-05-13 |
| CVE-2024-32992 | Huawei HarmonyOS security vulnerability — HarmonyOS | 7.5 | High | 2024-05-11 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.