Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,440 vulnerabilities with CWE-20

CVE-2025-57528 HIGH

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 - Denial of Service via formSetCfm Parameters

CVE-2025-58114 MEDIUM

BlueSpice 5.0-5.1.1 - Cross-Site Scripting in CognitiveProcessDesigner Extension

CVE-2025-10630 MEDIUM

Grafana-Zabbix < 6.0.0 - Denial of Service via Regex Query ReDoS

CVE-2025-23336 MEDIUM

NVIDIA Triton Inference Server < 25.08 - Denial of Service via Misconfigured Model Loading

CVE-2025-23268 HIGH

NVIDIA Triton Inference Server < 25.07 - Remote Code Execution via DALI Backend

CVE-2025-10155 HIGH

picklescan <= 0.0.30 - Remote Code Execution via PyTorch File Extension Bypass

CVE-2025-59161 LOW

Element Web <1.11.112 - Info Disclosure

CVE-2025-43375 MEDIUM

Xcode < 26.0 - Denial of Service via Large Path Value

CVE-2025-43372 HIGH

Apple iPadOS < 26.0 - Denial of Service via Malicious Media File

CVE-2025-43347 CRITICAL

iPadOS < 26.0 - Improper Input Validation

CVE-2025-43342 CRITICAL

Safari < 26.0 - Denial of Service via Malicious Web Content

CVE-2025-43299 MEDIUM

iPadOS < 18.7 - Denial of Service via Improved Input Validation

CVE-2025-43293 MEDIUM

macOS < 14.8, < 15.7, < 26 - Unprotected User Data Exposure via Improper Input Validation

CVE-2025-10433 MEDIUM

1Panel-dev MaxKB <2.0.2/2.1.0 - Deserialization

CVE-2025-58364 MEDIUM

OpenPrinting CUPS < 2.4.13 - Denial of Service via Unsafe Printer Attribute Deserialization

CVE-2025-10252 LOW

SEAT Queue Ticket Kiosk <20250827 - Deserialization

CVE-2025-54123 CRITICAL

Hoverfly < 1.12.0 - Remote Code Execution via Middleware API Endpoint

CVE-2025-56404 HIGH

MariaDB MCP 0.1.0 - Unauthenticated Sensitive Information Exposure via SSE Service

CVE-2025-58759 MEDIUM

TinyEnv 1.0.9-1.0.10 - Info Disclosure

CVE-2025-10164 HIGH

sglang - Remote Code Execution via Pickle Deserialization

CVE-2025-54250 MEDIUM

Adobe Experience Manager < 6.5.23.0 - Security Feature Bypass via Improper Input Validation

CVE-2025-54248 HIGH

Adobe Experience Manager < 6.5.23.0 - Security Feature Bypass via Improper Input Validation

CVE-2025-54247 MEDIUM

Adobe Experience Manager < 6.5.23.0 - Security Feature Bypass via Improper Input Validation

CVE-2025-53809 MEDIUM

Windows 11 24H2 and Windows Server 2025 < 10.0.26100.6508 - Denial of Service in LSASS

CVE-2025-54236 CRITICAL KEV

Magento SessionReaper

Previous Page 40 of 498 Next

Details

Vulnerabilities 12,440

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy