Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3271

3271 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-3907 Arbitrary filepath traversal via URI injection — octorpki 7.4 High2021-11-11
CVE-2021-3572 pip 输入验证错误漏洞 — python-pip 6.5 -2021-11-10
CVE-2020-10054 SIMATIC RTLS 输入验证错误漏洞 — SIMATIC RTLS Locating Manager 5.5 -2021-11-09
CVE-2021-41250 Presence of non-blacklisted URL bypasses all other filters — bot 4.3 Medium2021-11-05
CVE-2021-25509 Samsung Flow 输入验证错误漏洞 — Samsung Flow 5.9 Medium2021-11-05
CVE-2021-25504 SAMSUNG Group Sharing 安全漏洞 — Group Sharing 4.0 Medium2021-11-05
CVE-2021-25503 Samsung SMR 输入验证错误漏洞 — Samsung Mobile Devices 5.0 Medium2021-11-05
CVE-2021-25500 SAMSUNG Mobile devices 缓冲区错误漏洞 — Samsung Mobile Devices 7.2 High2021-11-05
CVE-2021-40120 Cisco Small Business RV Series Routers Command Injection Vulnerability — Cisco Small Business RV Series Router Firmware 6.5 Medium2021-11-04
CVE-2021-40127 Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability — Cisco Small Business Smart and Managed Switches 5.3 Medium2021-11-04
CVE-2021-34597 Phoenix Contact: PC Worx/-Express prone to improper input validation vulnerability — PC Worx 7.8 High2021-11-04
CVE-2021-37149 Request Smuggling - multiple attacks — Apache Traffic Server 7.5 -2021-11-03
CVE-2021-37148 Request Smuggling - transfer encoding validation — Apache Traffic Server 7.5 -2021-11-03
CVE-2021-37147 Request Smuggling - LF line ending — Apache Traffic Server 7.5 -2021-11-03
CVE-2021-25742 Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces — Kubernetes ingress-nginx 7.6 High2021-10-29
CVE-2021-34756 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities — Cisco Firepower Threat Defense Software 6.7 Medium2021-10-27
CVE-2021-34755 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities — Cisco Firepower Threat Defense Software 6.7 Medium2021-10-27
CVE-2011-4124 Calibre 输入验证错误漏洞 — Calibre 9.8 -2021-10-27
CVE-2020-7867 Helpu arbitrary file creation vulnerability — HelpuViewer.exe 8.0 High2021-10-27
CVE-2021-41173 DoS via maliciously crafted p2p message — go-ethereum 5.7 Medium2021-10-26
CVE-2021-26607 TOBESOFT NEXACRO17 arbitrary command execution vulnerability — NEXACRO17 8.1 High2021-10-26
CVE-2021-41105 FreeSWITCH susceptible to Denial of Service via invalid SRTP packets — freeswitch 7.5 High2021-10-25
CVE-2021-39220 Bypass of image blocking in Nextcloud Mail — security-advisories 3.5 Low2021-10-25
CVE-2021-38485 Emerson WirelessHART Gateway — WirelessHART Gateway 8.0 High2021-10-22
CVE-2021-38455 AUVESY Versiondog — Versiondog 7.3 High2021-10-22
CVE-2021-34736 Cisco Integrated Management Controller GUI Denial of Service Vulnerability — Cisco Unified Computing System (Managed) 5.3 Medium2021-10-21
CVE-2021-31376 Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when processing DHCPv6 packets — Junos OS 7.5 High2021-10-19
CVE-2021-31373 Junos OS: SRX Series: Persistent XSS vulnerability in J-Web — Junos OS 8.0 High2021-10-19
CVE-2021-31372 Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root. — Junos OS 8.8 High2021-10-19
CVE-2021-41138 Validity check for signed Frontier-specific extrinsic not called in block execution — frontier 5.3 Medium2021-10-13

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3271 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.