Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,440 vulnerabilities with CWE-20

CVE-2025-61546 CRITICAL

Print Shop Pro WebDesk <19.69 - RCE

CVE-2025-66786 HIGH

OpenAirInterface CN5G AMF <= v2.0.1 - DoS

CVE-2025-12543 CRITICAL

Undertow HTTP Server - Malformed Host Header Cache Poisoning

CVE-2025-61916 HIGH

Spinnaker < 2025.1.6, 2025.2.3, 2025.3.0 - Server-Side Request Forgery via Artifact Provider URL Input

CVE-2025-52519 HIGH

Samsung Exynos 1330/1380/1480/1580/2400/2500 Firmware - DoS & Info Disclosure via ISSIMIAN Driver

CVE-2025-15453 MEDIUM

Milvus < 2.6.8 - Deserialization via HTTP Endpoint Argument Manipulation

CVE-2025-15438 MEDIUM

PluXml < 5.8.22 - Deserialization via FileCookieJar Destructor in Media Management Module

CVE-2025-69288 CRITICAL

Titra < 0.99.49 - Authenticated Remote Code Execution via Time Entry Rule Modification

CVE-2025-15375 MEDIUM

EyouCMS < 1.7.8 - Remote Code Execution via Unserialize in arcpagelist Handler

CVE-2025-15246 MEDIUM

aizuda snail-job <1.7.0 - Deserialization

CVE-2025-15358 HIGH

DVP-12SE11T Firmware < 2.16 - Denial of Service

CVE-2025-15222 MEDIUM

Dromara Sa-Token <1.44.0 - Deserialization

CVE-2025-15284 LOW

NPM QS < 6.14.1 - Improper Input Validation

CVE-2025-69205 MEDIUM

Micro Registration Utility <88db9a9 - Command Injection

CVE-2025-66866 HIGH

BinUtils 2.26 - Denial of Service via Crafted PE File in d_abi_tags Function

CVE-2025-66864 HIGH

BinUtils - Denial of Service in d_print_comp_inner via Crafted PE File

CVE-2025-15117 LOW

Dromara Sa-Token <1.44.0 - Deserialization

CVE-2025-8075 MEDIUM

Hanwha Vision Camera Firmware - Cross-Site Scripting via XML Request Message

CVE-2025-52600 HIGH

Hanwha Vision Camera Firmware < 2.24.00 - Remote Code Execution via Video Analytics Input

CVE-2025-8769 CRITICAL

Telenium Online Web Application < 8.3 - Remote Code Execution via Perl Script Injection

CVE-2025-68667 CRITICAL

Conduit Matrix Homeservers - Forged Membership Event Signing

CVE-2025-59886 HIGH

Eaton xComfort ECI - Privilege Escalation

CVE-2025-59301 MEDIUM

Delta Electronics DVP15MC11T Firmware < 1.16.0 - Denial of Service via Modbus TCP Packet

CVE-2025-68398 CRITICAL

Weblate < 5.15.1 - Path Traversal via Git Configuration Overwrite

CVE-2025-67163 MEDIUM

Simple Machines Forum 2.1.6 - Stored Cross-Site Scripting via Forum Name Parameter

Previous Page 32 of 498 Next

Details

Vulnerabilities 12,440

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy