Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,440 vulnerabilities with CWE-20

CVE-2025-62525 HIGH

OpenWrt < 24.10.4 - Out-of-bounds Read and Write via ltq-ptm Driver ioctls

CVE-2025-12001 MEDIUM

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Stored Cross-Site Scripting via Application Manifest

CVE-2025-26781 HIGH

Samsung Exynos and Modem Firmware - Denial of Service in L2 RLC AM PDU Handling

CVE-2025-11938 MEDIUM

ChurchCRM < 5.18.0 - Remote Code Execution via Setup Route Deserialization

CVE-2025-8414 CRITICAL

Zigbee EZSP Host Apps - Buffer Overflow

CVE-2025-60537 MEDIUM

kafka-ui 0.6.0-0.7.2 - Remote Code Execution via CustomSerdeLoader Input Validation

CVE-2025-59250 HIGH

JDBC Driver for SQL Server 10.2.0-10.2.4 and 8.3.0.jre11-preview-10.2.4.jre11 - Spoofing via Improper Input Validation

CVE-2025-59248 HIGH

Microsoft Exchange Server - Spoofing via Improper Input Validation

CVE-2025-59228 HIGH

Microsoft SharePoint Server - Remote Code Execution via Improper Input Validation

CVE-2025-59207 HIGH

Windows Kernel < - Privilege Escalation

CVE-2025-59198 MEDIUM

Windows Search Component - Denial of Service via Improper Input Validation

CVE-2025-59190 MEDIUM

Windows 10 1507-22H2, Windows 11 22H2-25H2, Windows Server 2008 - Unauthenticated Denial of Service in Search Component

CVE-2025-59187 HIGH

Windows Kernel - Privilege Escalation

CVE-2025-58716 HIGH

Microsoft Windows Speech - Privilege Escalation

CVE-2025-55692 HIGH

Windows Error Reporting - Privilege Escalation

CVE-2025-55679 MEDIUM

Windows Kernel - Unauthenticated Information Disclosure via Improper Input Validation

CVE-2025-9066 HIGH

FactoryTalk ViewPoint - Unauthenticated XML External Entity Injection via SOAP Requests

CVE-2025-31995 LOW

HCL Unica MaxAI Workbench - Improper Input Validation

CVE-2025-62162 HIGH

cel-rust 0.10.0-0.11.3 - Denial of Service via Malformed CEL Expression Parsing

CVE-2025-61920 HIGH

Authlib < 1.6.5 - Uncontrolled Resource Consumption via Oversized JWS/JWT Segments

CVE-2025-27040 MEDIUM

Hypervisor Log Processing - Info Disclosure

CVE-2025-61768 MEDIUM

KUNO CMS < 1.3.15 - Authenticated Server-Side Request Forgery via SVG File Upload

CVE-2025-11346 MEDIUM

ILIAS <8.23/9.13/10.1 - Deserialization

CVE-2025-11345 MEDIUM

ILIAS <8.23/9.13/10.1 - Deserialization

CVE-2025-11273 MEDIUM

LaChatterie Verger <= 1.2.10 - Remote Code Execution via OAuth Provider URL Deserialization

Previous Page 38 of 498 Next

Details

Vulnerabilities 12,440

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy