Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-32990 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.1 Medium2024-05-11
CVE-2024-32989 Huawei HarmonyOS 安全漏洞 — HarmonyOS 3.3 Low2024-05-11
CVE-2024-2257 Password Policy Bypass Vulnerability in Digisol Router — Digisol Router DG-GR1321 4.6 -2024-05-10
CVE-2024-32672 SAMSUNG Escargot 安全漏洞 — Escargot 5.3 Medium2024-05-09
CVE-2024-34365 Apache Karaf Cave: Cave SSRF and arbitrary file access — Apache Karaf Cave 9.1 -2024-05-09
CVE-2024-32669 Possible stack overflow due to a string encoding processing error — Escargot 5.3 Medium2024-05-09
CVE-2024-2746 Incomplete fix for CVE-2024-1929 — dnf5daemon-server 8.8 High2024-05-08
CVE-2024-1929 Local Root Exploit via Configuration Dictionary — dnf5daemon-server 7.5 High2024-05-08
CVE-2023-7240 Broken Access Control leading to SSRF in NetIQ Identity Console — NetIQ Identity Console 5.8 Medium2024-05-07
CVE-2024-21476 Improper Input Validation in Secure Processor — Snapdragon 7.8 High2024-05-06
CVE-2024-4548 Delta Electronics DIAEnergie SQL Injection — DIAEnergie 9.8 Critical2024-05-06
CVE-2024-4547 Delta Electronics DIAEnergie Unauthenticated SQL Injection — DIAEnergie 9.8 Critical2024-05-06
CVE-2024-20064 MediaTek 芯片 安全漏洞 — MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT8678, MT8755, MT8775, MT8792, MT8796 7.8AIHighAI2024-05-06
CVE-2024-20056 MediaTek 芯片 安全漏洞 — MT6739, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT8666, MT8667, MT8673, MT8676, MT8678 6.7AIMediumAI2024-05-06
CVE-2023-40515 LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability — Simple Editor 7.5 -2024-05-03
CVE-2023-32170 Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability — UaGateway 6.5 -2024-05-03
CVE-2024-0710 GP Unique ID <= 1.5.5 - Unauthenticated Form Submission Unique ID Modification — GP Unique ID 5.3 Medium2024-05-02
CVE-2024-2751 Exclusive Addons for Elementor <= 2.6.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBox — Exclusive Addons for Elementor 6.4 Medium2024-05-02
CVE-2024-3747 Blocksy <= 2.0.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via About Me block — Blocksy 6.4 Medium2024-05-02
CVE-2024-2867 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress 6.4 Medium2024-05-02
CVE-2024-4003 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & Widgets 6.4 Medium2024-05-02
CVE-2024-4142 JFrog Artifactory Improper input validation within token creation flow — Artifactory 9.0 Critical2024-05-01
CVE-2024-23335 Backups directory .htaccess deletion in. MyBB — mybb 4.7 Medium2024-05-01
CVE-2024-3096 PHP function password_verify can erroneously return true when argument contains NUL — PHP 6.5 Medium2024-04-29
CVE-2024-2756 __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix — PHP 6.5 Medium2024-04-29
CVE-2024-32646 vyper performs double eval of the slice args when buffer from adhoc locations — vyper 5.3 Medium2024-04-25
CVE-2024-32645 vyper performs incorrect topic logging in raw_log — vyper 5.3 Medium2024-04-25
CVE-2024-28240 GLPI-Agent's MSI package installation permits local users to change Agent configuration — glpi-agent 7.3 High2024-04-25
CVE-2024-4175 Improper Input Validation vulnerability in Hyperion Web Server — Hyperion Web Server 5.4 Medium2024-04-25
CVE-2024-25583 Crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured — Recursor 7.5 High2024-04-25

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.