CWE-20 (Improper Input Validation) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1372 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1369 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1359 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1355 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1354 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console — Enterprise Server | 8.0 | High | 2024-02-13 |
| CVE-2024-21374 | Microsoft Teams for Android Information Disclosure Vulnerability — Microsoft Teams for Android | 5.0 | Medium | 2024-02-13 |
| CVE-2024-20684 | Windows Hyper-V Denial of Service Vulnerability — Windows Server 2022 | 6.5 | Medium | 2024-02-13 |
| CVE-2024-21315 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability — Microsoft Defender for Endpoint for Windows | 7.8 | High | 2024-02-13 |
| CVE-2024-21304 | Trusted Compute Base Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 4.1 | Medium | 2024-02-13 |
| CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability — Microsoft Office 2019 | 9.8 | Critical | 2024-02-13 |
| CVE-2024-23324 | Envoy ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata — envoy | 8.6 | High | 2024-02-09 |
| CVE-2024-1245 | Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes — Concrete CMS | 2.4 | Low | 2024-02-09 |
| CVE-2024-1246 | Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature — Concrete CMS | 2.0 | Low | 2024-02-09 |
| CVE-2024-1247 | Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field — Concrete CMS | 2.0 | Low | 2024-02-09 |
| CVE-2024-22119 | Stored XSS in graph items select form — Zabbix | 5.5 | Medium | 2024-02-09 |
| CVE-2024-0955 | Stored XSS vulnerability — Nessus | 4.8 | Medium | 2024-02-06 |
| CVE-2024-24941 | JetBrains IntelliJ IDEA security vulnerability — IntelliJ IDEA | 6.1 | Medium | 2024-02-06 |
| CVE-2023-33057 | Improper Input Validation in Multi-Mode Call Processor — Snapdragon | 7.5 | High | 2024-02-06 |
| CVE-2024-21863 | Dsoftbus has an improper input validation vulnerability — OpenHarmony | 4.7 | Medium | 2024-02-02 |
| CVE-2024-0285 | Dsoftbus has an improper input validation vulnerability — OpenHarmony | 4.7 | Medium | 2024-02-02 |
| CVE-2023-46159 | IBM Storage Ceph denial of service — Storage Ceph | 2.6 | Low | 2024-02-02 |
| CVE-2023-49610 | MachineSense FeverWarn Improper Input Validation — FeverWarn | 8.1 | High | 2024-02-01 |
| CVE-2024-21388 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based) | 6.5 | Medium | 2024-01-30 |
| CVE-2024-1019 | WAF bypass of the ModSecurity v3 release line — ModSecurity | 8.6 | High | 2024-01-30 |
| CVE-2023-4553 | Unauthenticated Access to AppBuilder Configuration Files — AppBuilder | 5.3 | Medium | 2024-01-29 |
| CVE-2023-4552 | Java Database Connectivity (JDBC) URL Manipulation — AppBuilder | 5.5 | Medium | 2024-01-29 |
| CVE-2023-4551 | Command Injection via Task Scheduler — AppBuilder | 7.2 | High | 2024-01-29 |
| CVE-2023-4550 | Unauthenticated Arbitrary File Read — AppBuilder | 7.5 | High | 2024-01-29 |
| CVE-2024-23790 | Missing file type check in avatar picture upload — OTRS | 3.5 | Low | 2024-01-29 |
| CVE-2024-23655 | Attacker can prevent users from accessing received emails — tutanota | 7.5 | High | 2024-01-25 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.