CWE-20 (Improper Input Validation) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-28977 | Dell Repository Manager input validation error vulnerability — Dell Repository Manager (DRM) | 3.3 | Low | 2024-04-24 |
| CVE-2024-28976 | Dell Repository Manager input validation error vulnerability — Dell Repository Manager (DRM) | 8.8 | High | 2024-04-24 |
| CVE-2024-3177 | Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin — Kubernetes | 2.7 | Low | 2024-04-22 |
| CVE-2024-32653 | Insufficient input filtering of "package name" allows command execution in the device with shell privileges — jadx | 6.1 | Medium | 2024-04-22 |
| CVE-2024-3646 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 8.0 | High | 2024-04-19 |
| CVE-2023-5397 | Honeywell Experion Server security vulnerability — Experion Server | 8.1 | High | 2024-04-17 |
| CVE-2023-36505 | WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion — Ninja Forms Contact Form | 6.8 | Medium | 2024-04-17 |
| CVE-2022-24806 | net-snmp vulnerable to Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously — net-snmp | 6.5 | Medium | 2024-04-16 |
| CVE-2024-3029 | Improper Input Validation in mintplex-labs/anything-llm — mintplex-labs/anything-llm | 9.8 | - | 2024-04-16 |
| CVE-2024-3028 | Improper Input Validation in mintplex-labs/anything-llm — mintplex-labs/anything-llm | 9.8 | - | 2024-04-16 |
| CVE-2024-2424 | Rockwell Automation Input/Output Device Vulnerable to Major Nonrecoverable Fault — 5015-AENFTXT | 7.5 | High | 2024-04-15 |
| CVE-2024-3493 | Rockwell Automation ControlLogix and GuardLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value — ControlLogix 5580 | 8.6 | High | 2024-04-15 |
| CVE-2024-21590 | Junos OS Evolved: Packets which are not destined to the device can reach the RE — Junos OS Evolved | 5.3 | Medium | 2024-04-12 |
| CVE-2024-1481 | Freeipa: specially crafted http requests potentially lead to denial of service | 5.3 | Medium | 2024-04-10 |
| CVE-2024-3101 | Privilege Escalation via Improper Input Validation in mintplex-labs/anything-llm — mintplex-labs/anything-llm | 9.8 (AI) | Critical (AI) | 2024-04-10 |
| CVE-2024-3385 | PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled — PAN-OS | 7.5 | High | 2024-04-10 |
| CVE-2024-31309 | Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack — Apache Traffic Server | 7.5 | - | 2024-04-10 |
| CVE-2024-20758 | Adobe Commerce \| Improper Input Validation (CWE-20) — Adobe Commerce | 9.0 | Critical | 2024-04-10 |
| CVE-2024-21507 | MySQL2 security vulnerability — mysql2 | 6.5 | Medium | 2024-04-10 |
| CVE-2024-2536 | Rank Math SEO with AI SEO Tools <= 1.0.214 - Authenticated (Contributor+) Stored Cross-Site Scripting via HowTo block attributes — Rank Math SEO – AI SEO Tools to Dominate SEO Rankings | 6.4 | Medium | 2024-04-09 |
| CVE-2024-2650 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & Widgets | 6.4 | Medium | 2024-04-09 |
| CVE-2024-2027 | Real Media Library: Media Library Folder & File Manager <= 4.22.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Real Media Library: Media Library Folder & File Manager | 6.4 | Medium | 2024-04-09 |
| CVE-2024-2165 | SEOPress – On-site SEO <= 7.5.2.1 - Authenticated (Author+) Stored Cross-Site Scripting — SEOPress – On-site SEO & Analytics | 6.4 | Medium | 2024-04-09 |
| CVE-2024-2513 | WP Chat App <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute — WP Chat App | 6.4 | Medium | 2024-04-09 |
| CVE-2024-2226 | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | 6.4 | Medium | 2024-04-09 |
| CVE-2024-25116 | Specially crafted CF.RESERVE command can lead to denial-of-service — RedisBloom | 5.5 | Medium | 2024-04-09 |
| CVE-2024-20670 | Outlook for Windows Spoofing Vulnerability — Outlook for Windows | 8.1 | High | 2024-04-09 |
| CVE-2024-28897 | Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1809 | 6.8 | Medium | 2024-04-09 |
| CVE-2024-26240 | Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1809 | 8.0 | High | 2024-04-09 |
| CVE-2024-26189 | Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1809 | 8.0 | High | 2024-04-09 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.