Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3271

3271 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-44183 Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur. — Junos OS 6.5 Medium2023-10-12
CVE-2023-32721 Stored XSS in Maps element — Zabbix 7.6 High2023-10-12
CVE-2023-44110 Huawei HarmonyOS 输入验证错误漏洞 — HarmonyOS 7.5 -2023-10-11
CVE-2023-44103 Huawei HarmonyOS 缓冲区错误漏洞 — HarmonyOS 6.5 -2023-10-11
CVE-2023-45648 Apache Tomcat: Trailer header parsing too lenient — Apache Tomcat 7.5 -2023-10-10
CVE-2023-36566 Microsoft Common Data Model SDK Denial of Service Vulnerability — Microsoft Common Data Model SDK for Java 6.5 Medium2023-10-10
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability — Windows 10 Version 1809 6.5 Medium2023-10-10
CVE-2023-36585 Windows upnphost.dll Denial of Service Vulnerability — Windows 10 Version 1809 7.5 High2023-10-10
CVE-2023-36697 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809 6.8 Medium2023-10-10
CVE-2023-36707 Windows Deployment Services Denial of Service Vulnerability — Windows Server 2019 6.5 Medium2023-10-10
CVE-2023-36706 Windows Deployment Services Information Disclosure Vulnerability — Windows Server 2019 6.5 Medium2023-10-10
CVE-2023-36731 Win32k Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2023-10-10
CVE-2023-35349 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809 9.8 Critical2023-10-10
CVE-2023-32485 Dell SmartFabric Storage Software 输入验证错误漏洞 — Dell SmartFabric Storage Software 9.8 Critical2023-10-05
CVE-2023-43073 Dell SmartFabric Storage Software 输入验证错误漏洞 — Dell SmartFabric Storage Software 4.3 Medium2023-10-05
CVE-2023-43799 The Altair Desktop Client Does Not Sanitize External URLs before passing them to the underlying system — altair 5.0 Medium2023-10-04
CVE-2023-42449 Malicious head initialiser can extract PTs from control of Hydra scripts, leading to locked participant commits or spoofed commits — hydra 8.1 High2023-10-04
CVE-2023-42448 Hydra's contestation period in head datum can be modified during Close transaction, allowing malicious participant to freely modify the contestation deadline — hydra 8.1 High2023-10-04
CVE-2023-38701 Hydra's committed UTxOs at Commit validator and UTxOs at Initial validator can be spent arbitrarily by anyone — hydra 9.1 Critical2023-10-04
CVE-2023-39191 Kernel: ebpf: insufficient stack type checks in dynptr — Red Hat Enterprise Linux 9 8.2 High2023-10-04
CVE-2023-4586 Hotrod-client: hot rod client does not enable hostname validation when using tls that lead to a mitm attack — Red Hat Data Grid 8.4.6 7.4 High2023-10-04
CVE-2023-42508 JFrog Artifactory Improper header input validation leads to email manipulation sent from the platform — Artifactory 6.5 Medium2023-10-03
CVE-2023-24853 Improper Input Validation in HLOS — Snapdragon 8.4 High2023-10-03
CVE-2023-22382 Improper Input Validation in Automotive — Snapdragon 7.4 High2023-10-03
CVE-2023-3770 Vulnerability in Ingeteam's INGEPAC DA — INGEPAC DA3451 5.3 Medium2023-10-02
CVE-2023-3769 Vulnerability in Ingeteam's INGEPAC EF — INGEPAC FC5066 8.6 High2023-10-02
CVE-2023-3768 Vulnerability in Ingeteam's INGEPAC EF/DA — INGEPAC DA3451 8.6 High2023-10-02
CVE-2023-41303 Huawei HarmonyOS 命令注入漏洞 — HarmonyOS 9.1 -2023-09-25
CVE-2022-48605 Huawei HarmonyOS 安全漏洞 — HarmonyOS 9.8 -2023-09-25
CVE-2023-41300 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-09-25

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3271 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.