CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,440 vulnerabilities with CWE-20
CVE-2025-14576 HIGH
Possible QML code injection in VectorImage component
CVSS 7.8
CVE-2025-13826 HIGH
Incorrect input validation on the Zervit portable HTTP/Web server
CVE-2025-57834 HIGH
Samsung Exynos and Modem Firmware - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2025-48651 MEDIUM
Android <2026-04-05 - High Severity Vuln
CVSS 5.5
CVE-2025-57835 HIGH
Samsung Exynos Modem - Memory Corruption
CVSS 7.5
CVE-2025-14213 HIGH
Cato's Socket WebUI is vulnerable to OS Command Injection
CVE-2025-69986 HIGH
LSC Indoor Camera V7.6.32 - Buffer Overflow
CVSS 7.2
CVE-2025-59032 HIGH
OX Dovecot Pro < 2.4.0 and < 3.1.0 - Denial of Service via ManageSieve AUTHENTICATE Command
CVSS 7.5
CVE-2025-59028 MEDIUM
OX Dovecot Pro < 2.4.0 and < 3.1.0 - Denial of Service via Invalid BASE64 SASL Data
CVSS 5.3
CVE-2025-55270 LOW
HCL Aftermarket DPC is affected by Improper Input Validation
CVSS 3.5
CVE-2025-15606 HIGH
Denial of Service (DoS) in HTTPD Input Handling on TP-Link TD-W8961N
CVSS 7.5
CVE-2025-31966 LOW
Boolean-Based SQL Injection in Multiple Unica Components
CVSS 2.7
CVE-2025-6969 MEDIUM
ability_ability_runtime an improper input validation vulnerability
CVSS 5.0
CVE-2025-26474 LOW
OpenHarmony <= v5.0.3 communication_ipc - Improper Input Validation
CVSS 3.3
CVE-2025-10461 MEDIUM
Global file reads caused by improper URL checks in webserver
CVE-2025-60012 MEDIUM
Apache Livy 0.7.0-0.8.0 - Unauthorized File Access
CVSS 6.3
CVE-2025-13462 LOW
CPython Tarfile Archive Misinterpretation via AREGTYPE Block Normalization
CVSS 3.3
CVE-2025-20105 HIGH
Intel UEFI Firmware - Privilege Escalation
CVE-2025-20096 MEDIUM
Intel UEFI Firmware - Privilege Escalation
CVE-2025-20068 HIGH
Intel UEFI ImcErrorHandler - Privilege Escalation
CVE-2025-20064 HIGH
Intel UEFI FlashUcAcmSmm - Privilege Escalation
CVE-2025-20027 HIGH
Intel UEFI WheaERST - Privilege Escalation
CVE-2025-36920 HIGH
Android - Out-of-bounds Write in hyp_alloc
CVSS 8.4
CVE-2025-14558 HIGH
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
CVSS 7.2
CVE-2025-69279 HIGH
Android - Remote Denial of Service via Improper Input Validation in NR Modem
CVSS 7.5
Details
Vulnerabilities 12,440
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits