CWE-20 (输入验证不恰当) — Vulnerability Class 3271

3271 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-24893	Visual Studio Code Remote Code Execution Vulnerability — Visual Studio Code	7.8	High	2023-04-11
CVE-2023-28291	Raw Image Extension Remote Code Execution Vulnerability — Raw Image Extension	8.4	High	2023-04-11
CVE-2022-42477	Fortinet FortiAnalyzer 输入验证错误漏洞 — FortiAnalyzer	6.5	High	2023-04-11
CVE-2023-26293	Siemens TIA Portal 输入验证错误漏洞 — Totally Integrated Automation Portal (TIA Portal) V15	7.3	High	2023-04-11
CVE-2023-28710	Apache Airflow Spark Provider Arbitrary File Read via JDBC — Apache Airflow Spark Provider	-	-	2023-04-07
CVE-2023-28707	Airflow Apache Drill Provider Arbitrary File Read Vulnerability — Apache Airflow Drill Provider	-	-	2023-04-07
CVE-2023-20103	Cisco Secure Network Analytics Remote Code Execution Vulnerability — Cisco Secure Network Analytics	4.9	Medium	2023-04-05
CVE-2023-20132	Cisco Webex Meetings Web UI Vulnerabilities — Cisco Webex Meetings	5.4	Medium	2023-04-05
CVE-2023-20134	Cisco Webex Meetings Web UI Vulnerabilities — Cisco Webex Meetings	5.4	Medium	2023-04-05
CVE-2023-27496	Envoy may crash when a redirect url without a state param is received in the oauth filter — envoy	6.5	Medium	2023-04-04
CVE-2023-27493	Envoy doesn't escape HTTP header values — envoy	8.1	High	2023-04-04
CVE-2023-27491	Envoy forwards invalid Http2/Http3 downstream headers — envoy	5.4	Medium	2023-04-04
CVE-2023-27488	Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received. — envoy	5.4	Medium	2023-04-04
CVE-2023-27487	Envoy client may fake the header `x-envoy-original-path` — envoy	8.2	High	2023-04-04
CVE-2022-33211	Improper Input Validation in MODEM — Snapdragon	9.8	Critical	2023-04-04
CVE-2023-1789	Improper Input Validation in firefly-iii/firefly-iii — firefly-iii/firefly-iii	9.1	-	2023-04-01
CVE-2022-47188	Improper Input Validation in Generex CS141 — UPS CS141	7.5	High	2023-03-31
CVE-2022-47189	DoS via file upload vulnerability at Generex CS141 — UPS CS141	7.5	High	2023-03-31
CVE-2022-47190	RCE via file upload vulnerability in Generex CS141 — UPS CS141	10.0	Critical	2023-03-31
CVE-2022-47191	Privilege Escalation via file upload vulnerability at Generex CS141 — UPS CS141	4.3	Medium	2023-03-31
CVE-2022-47192	Admin password reset via file upload vulnerability in Generex CS141 — UPS CS141	8.8	High	2023-03-31
CVE-2023-28733	Stored XSS affecting the AcyMailing plugin for Joomla — Newsletter Plugin for Joomla in the Enterprise version	7.2	High	2023-03-30
CVE-2023-28732	Missing access control affecting the AcyMailing plugin for Joomla — Newsletter Plugin for Joomla	6.5	Medium	2023-03-30
CVE-2023-28731	Unauthenticated RCE affecting the AcyMailing plugin for Joomla — Newsletter Plugin for Joomla in the Enterprise version	9.8	Critical	2023-03-30
CVE-2023-0775	Bluetooth LE Invalid prepare write request command leads to denial of service — GSDK	6.5	Medium	2023-03-28
CVE-2023-25879	ZDI-CAN-19389: Adobe Dimension OBJ File Improper Input Validation Remote Code Execution — Dimension	7.8	High	2023-03-28
CVE-2023-25881	ZDI-CAN-19390: Adobe Dimension OBJ File Improper Input Validation Remote Code Execution — Dimension	7.8	High	2023-03-28
CVE-2023-25901	ZDI-CAN-19508: Adobe Dimension USD File Improper Input Validation Remote Code Execution Vulnerability — Dimension	7.8	High	2023-03-28
CVE-2023-25661	Denial of Service in TensorFlow — tensorflow	6.5	Medium	2023-03-27
CVE-2022-47924	Arbitrary Code Execution using the validate function of csaf-validator-lib — csaf-validator-lib	6.5	Medium	2023-03-27

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3271 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-20 (输入验证不恰当) — Vulnerability Class 3271