CWE-20 (Improper Input Validation) — Vulnerability Class 3269

3269 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-22184 | Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1 — Junos OS | 7.5 | High | 2022-12-23 |
| CVE-2022-43849 | IBM AIX denial of service — AIX | 6.2 | Medium | 2022-12-23 |
| CVE-2022-43848 | IBM AIX denial of service — AIX | 6.2 | Medium | 2022-12-23 |
| CVE-2022-40233 | IBM AIX denial of service — AIX | 6.2 | Medium | 2022-12-23 |
| CVE-2022-43875 | IBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of service — Financial Transaction Manager for SWIFT Services for Multiplatforms | 6.2 | Medium | 2022-12-20 |
| CVE-2022-3752 | Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack — CompactLogix 5480 | 8.6 | High | 2022-12-19 |
| CVE-2022-46768 | File name information disclosure vulnerability in Zabbix Web Service Report Generation — Web Service Report Generation | 5.9 | Medium | 2022-12-19 |
| CVE-2022-4427 | SQL Injection via OTRS Search API — OTRS | 6.5 | Medium | 2022-12-19 |
| CVE-2022-3157 | Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack — CompactLogix 5370 | 8.6 | High | 2022-12-16 |
| CVE-2021-28655 | Apache Zeppelin: Arbitrary file deletion vulnerability — Apache Zeppelin | 8.2 | - | 2022-12-16 |
| CVE-2022-4504 | Improper Input Validation in openemr/openemr — openemr/openemr | 7.5 | - | 2022-12-15 |
| CVE-2022-46363 | Apache CXF directory listing / code exfiltration — Apache CXF | 9.1 | - | 2022-12-13 |
| CVE-2021-40365 | Siemens SIMATIC Drive Controller input validation error vulnerability — SIMATIC Drive Controller CPU 1504D TF | 7.5 | High | 2022-12-13 |
| CVE-2022-43515 | X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode — Frontend | 5.3 | Medium | 2022-12-12 |
| CVE-2022-33876 | Fortinet FortiADC input validation error vulnerability — FortiADC | 5.1 | Medium | 2022-12-06 |
| CVE-2022-38123 | Insufficient validation of plugin files — GateManager | 8.7 | High | 2022-12-06 |
| CVE-2021-37533 | Apache Commons Net's FTP client trusts the host from PASV response by default — Apache Commons Net | 6.5 | - | 2022-12-03 |
| CVE-2022-1471 | Remote Code execution in SnakeYAML — SnakeYAML | 8.3 | High | 2022-12-01 |
| CVE-2022-40265 | Denial of Service (DoS) Vulnerability in MELSEC iQ-R Series Ethernet Interface Module — MELSEC iQ-R Series RJ71EN71 | 8.6 | High | 2022-11-30 |
| CVE-2022-4033 | Quiz and Survey Master <= 8.0.4 - Improper Input Validation — Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | 5.3 | Medium | 2022-11-29 |
| CVE-2022-4032 | Quiz and Survey Master <= 8.0.4 - Unauthenticated iFrame Injection via Paragraph and Short Answer — Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | 7.2 | High | 2022-11-29 |
| CVE-2022-41921 | Discourse chat messages should have a maximum character limit — discourse | 3.5 | Low | 2022-11-28 |
| CVE-2022-39338 | Stored cross site scripting (XSS) vulnerability via Authorization Endpoint in user_oidc — security-advisories | 3.5 | Low | 2022-11-25 |
| CVE-2022-40266 | Denial-of-Service (DoS) Vulnerability in FTP Server Function on GOT2000 Series — GOT2000 Series GT27 model | 5.3 | Medium | 2022-11-24 |
| CVE-2022-41942 | Sourcegraph vulnerable to Command Injection via gitserver — sourcegraph | 7.9 | High | 2022-11-22 |
| CVE-2022-3388 | Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products — MicroSCADA Pro SYS600 | 8.8 | High | 2022-11-21 |
| CVE-2022-45470 | Apache Hama allows XSS and information disclosure — Apache Hama | 6.5 | - | 2022-11-21 |
| CVE-2022-24037 | Unauthorized modification in Karmasis Informatics Infraskope SIEM+ — Infraskope SIEM+ | 8.2 | High | 2022-11-18 |
| CVE-2022-31607 | NVIDIA graphics driver input validation error vulnerability — NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) | 7.8 | High | 2022-11-18 |
| CVE-2022-31616 | NVIDIA GPU Display Driver buffer error vulnerability — NVIDIA Cloud Gaming (guest driver) | 6.1 | Medium | 2022-11-18 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3269 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.