Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3269

3269 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-29492 A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ... — MicroSCADA X SYS600 5.3 Medium2022-09-14
CVE-2022-29922 A vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ... — MicroSCADA X SYS600 7.5 High2022-09-14
CVE-2022-36850 SAMSUNG Mobile devices 路径遍历漏洞 — Samsung Mobile Devices 4.0 Medium2022-09-09
CVE-2022-36853 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 3.3 Low2022-09-09
CVE-2022-36873 SAMSUNG Mobile devices 安全漏洞 — com.samsung.android.waterplugin 5.9 Medium2022-09-09
CVE-2022-36854 SAMSUNG Mobile devices 缓冲区错误漏洞 — Samsung Mobile Devices 4.0 Medium2022-09-09
CVE-2022-36859 SAMSUNG Mobile devices 跨站脚本漏洞 — SmartTagPlugin 5.7 Medium2022-09-09
CVE-2022-3169 RISC-V 输入验证错误漏洞 — Kernel 5.5 -2022-09-09
CVE-2022-36087 OAuthLib vulnerable DoS when attacker provides malicious IPV6 URI — oauthlib 5.7 Medium2022-09-09
CVE-2022-36082 mangadex-downloader vulnerable to unauthorized file reading — mangadex-downloader 5.3 Medium2022-09-07
CVE-2022-36058 elrond-go MultiESDTNFTTransfer call on a SC address with missing function name — elrond-go 7.5 High2022-09-06
CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent — http 5.3 Medium2022-09-06
CVE-2021-3754 Red Hat Keycloak 安全漏洞 — keycloak 5.3 -2022-08-26
CVE-2021-4041 Ansible-Runner 操作系统命令注入漏洞 — ansible-runner 7.8 -2022-08-24
CVE-2021-4125 Red Hat OpenShift 代码问题漏洞 — kube-reporting/hive 8.1 -2022-08-24
CVE-2021-4204 Linux kernel 缓冲区错误漏洞 — kernel 6.0 -2022-08-24
CVE-2020-35509 Red Hat Keycloak 信任管理问题漏洞 — keycloak 5.9 -2022-08-23
CVE-2021-3442 Red Hat 3scale API Management Platform 输入验证错误漏洞 — Red Hat OpenShift API Management. 5.4 -2022-08-22
CVE-2022-34916 Improper Input Validation (JNDI Injection) in JMSMessageConsumer — Apache Flume 9.8 -2022-08-21
CVE-2022-36023 Remote denial of service in Hyperledger Fabric Gateway — fabric 7.0 High2022-08-18
CVE-2022-2868 LibTIFF 缓冲区错误漏洞 — libtiff 5.5 -2022-08-17
CVE-2020-1756 Moodle 输入验证错误漏洞 — Moodle 6.7 -2022-08-16
CVE-2022-24952 Eternal Terminal 输入验证错误漏洞 — Eternal Terminal 6.5 -2022-08-16
CVE-2021-22289 RCE through Project Upload from Target — Automation Studio 8.3 High2022-08-11
CVE-2022-28755 Improper URL parsing in Zoom Clients — Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) 9.6 Critical2022-08-11
CVE-2022-35666 Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability — Acrobat Reader 7.8 High2022-08-11
CVE-2022-35668 Adobe Acrobat Reader Improper Input Validation Memory leak — Acrobat Reader 5.5 Medium2022-08-11
CVE-2022-31779 Improper HTTP/2 scheme and method validation — Apache Traffic Server 7.5 -2022-08-10
CVE-2021-37150 Protocol vs scheme mismatch — Apache Traffic Server 7.5 -2022-08-10
CVE-2022-28129 Insufficient Validation of HTTP/1.x Headers — Apache Traffic Server 7.5 -2022-08-10

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3269 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.