Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-45648 Apache Tomcat: Trailer header parsing too lenient — Apache Tomcat 7.5 -2023-10-10
CVE-2023-36566 Microsoft Common Data Model SDK Denial of Service Vulnerability — Microsoft Common Data Model SDK for Java 6.5 Medium2023-10-10
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability — Windows 10 Version 1809 6.5 Medium2023-10-10
CVE-2023-36585 Windows upnphost.dll Denial of Service Vulnerability — Windows 10 Version 1809 7.5 High2023-10-10
CVE-2023-36697 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809 6.8 Medium2023-10-10
CVE-2023-36707 Windows Deployment Services Denial of Service Vulnerability — Windows Server 2019 6.5 Medium2023-10-10
CVE-2023-36706 Windows Deployment Services Information Disclosure Vulnerability — Windows Server 2019 6.5 Medium2023-10-10
CVE-2023-36731 Win32k Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2023-10-10
CVE-2023-35349 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809 9.8 Critical2023-10-10
CVE-2023-32485 Dell SmartFabric Storage Software 输入验证错误漏洞 — Dell SmartFabric Storage Software 9.8 Critical2023-10-05
CVE-2023-43073 Dell SmartFabric Storage Software 输入验证错误漏洞 — Dell SmartFabric Storage Software 4.3 Medium2023-10-05
CVE-2023-43799 The Altair Desktop Client Does Not Sanitize External URLs before passing them to the underlying system — altair 5.0 Medium2023-10-04
CVE-2023-42449 Malicious head initialiser can extract PTs from control of Hydra scripts, leading to locked participant commits or spoofed commits — hydra 8.1 High2023-10-04
CVE-2023-42448 Hydra's contestation period in head datum can be modified during Close transaction, allowing malicious participant to freely modify the contestation deadline — hydra 8.1 High2023-10-04
CVE-2023-38701 Hydra's committed UTxOs at Commit validator and UTxOs at Initial validator can be spent arbitrarily by anyone — hydra 9.1 Critical2023-10-04
CVE-2023-39191 Kernel: ebpf: insufficient stack type checks in dynptr — Red Hat Enterprise Linux 9 8.2 High2023-10-04
CVE-2023-4586 Hotrod-client: hot rod client does not enable hostname validation when using tls that lead to a mitm attack — Red Hat Data Grid 8.4.6 7.4 High2023-10-04
CVE-2023-42508 JFrog Artifactory Improper header input validation leads to email manipulation sent from the platform — Artifactory 6.5 Medium2023-10-03
CVE-2023-24853 Improper Input Validation in HLOS — Snapdragon 8.4 High2023-10-03
CVE-2023-22382 Improper Input Validation in Automotive — Snapdragon 7.4 High2023-10-03
CVE-2023-3770 Vulnerability in Ingeteam's INGEPAC DA — INGEPAC DA3451 5.3 Medium2023-10-02
CVE-2023-3769 Vulnerability in Ingeteam's INGEPAC EF — INGEPAC FC5066 8.6 High2023-10-02
CVE-2023-3768 Vulnerability in Ingeteam's INGEPAC EF/DA — INGEPAC DA3451 8.6 High2023-10-02
CVE-2023-41303 Huawei HarmonyOS 命令注入漏洞 — HarmonyOS 9.1 -2023-09-25
CVE-2022-48605 Huawei HarmonyOS 安全漏洞 — HarmonyOS 9.8 -2023-09-25
CVE-2023-41300 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-09-25
CVE-2023-42798 AutomataCI Release Job Can Revert Repo to First Commit — AutomataCI 8.2 High2023-09-22
CVE-2023-42805 quinn-proto Denial of Service vulnerability — quinn 7.5 High2023-09-21
CVE-2023-4753 OpenHarmony v3.2.1 and prior version has a system call function usage error — OpenHarmony 3.9 Low2023-09-21
CVE-2023-5104 Improper Input Validation in nocodb/nocodb — nocodb/nocodb 9.8 -2023-09-21

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.