CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,440 vulnerabilities with CWE-20
CVE-2025-24486 HIGH
Intel 700 Series Ethernet <2.28.5 - Privilege Escalation
CVSS 7.8
CVE-2025-24484 HIGH
Intel 800 Series Ethernet <1.17.2 - Privilege Escalation
CVSS 7.8
CVE-2025-24325 HIGH
Intel 800 Series Ethernet <1.17.2 - Privilege Escalation
CVSS 8.8
CVE-2025-24296 MEDIUM
Intel E810 Ethernet Firmware < 4.6 - Denial of Service via Improper Input Validation
CVSS 6.0
CVE-2025-21086 HIGH
Intel 700 Series Ethernet <2.28.5 - Privilege Escalation
CVSS 7.5
CVE-2025-40746 CRITICAL
SIMATIC RTLS Locating Manager < 3.2 - Authenticated Remote Code Execution via Backup Script Input Validation
CVSS 9.1
CVE-2025-25212 LOW
OpenHarmony < 5.0.3 - Denial of Service via Improper Input Validation
CVSS 3.3
CVE-2025-55006 MEDIUM
Frappe Learning 2.0.0-2.33.0 - Stored Cross-Site Scripting via SVG File Upload
CVSS 4.3
CVE-2025-48913 CRITICAL
Apache CXF < 3.6.8 - Remote Code Execution via JMS Configuration
CVSS 9.8
CVE-2025-8708 MEDIUM
Antabot White-Jotter 0.22 - Deserialization in ShiroConfiguration CookieRememberMeManager
CVSS 5.0
CVE-2025-54368 MEDIUM
Pypi UV < 0.8.6 - Interpretation Conflict
CVE-2025-44779 MEDIUM
Ollama < 0.1.34 - Arbitrary File Deletion via /api/pull Endpoint
CVSS 6.6
CVE-2025-8582 MEDIUM
Google Chrome < 139.0.7258.66 - URL Spoofing via Omnibox Input Validation
CVSS 4.3
CVE-2025-54785 HIGH
SuiteCRM 7.14.6 and 8.8.0 - Unauthenticated PHP Object Injection via Unserialize
CVSS 8.8
CVE-2025-50233 MEDIUM
QCMS 6.0.5 - Authenticated Arbitrary File Read via Backend Template Editor Name Parameter
CVSS 6.5
CVE-2025-21477 HIGH
Qualcomm 315 5G IoT Modem Firmware - Denial of Service via Invalid CCCH Data Length
CVSS 7.5
CVE-2025-54642 MEDIUM
Huawei EMUI and HarmonyOS - Denial of Service via Kernel Gyroscope Module Buffer Overflow
CVSS 6.7
CVE-2025-54641 MEDIUM
Huawei EMUI and HarmonyOS - Denial of Service via Kernel Acceleration Module Buffer Overflow
CVSS 6.7
CVE-2025-54636 MEDIUM
Huawei EMUI and HarmonyOS - Denial of Service via Kernel Drop Detection Module
CVSS 4.4
CVE-2025-54614 MEDIUM
HarmonyOS - Denial of Service via Home Screen Input Verification
CVSS 6.2
CVE-2025-8573 MEDIUM
Concrete CMS 9.0-9.4.2 - Stored Cross-Site Scripting via Home Folder on Members Dashboard
CVSS 4.8
CVE-2025-8571 MEDIUM
Concrete CMS < 8.5.21 and 9.0.0-9.4.2 - Reflected Cross-Site Scripting in Conversation Messages Dashboard Page
CVSS 4.8
CVE-2025-7674 HIGH
Roche Diagnostics navify Monitoring <1.08.00 - DoS
CVE-2025-27212 CRITICAL
UniFi Access <2.14.21-1.10.32-1.7.28 - Command Injection
CVSS 9.8
CVE-2025-27211 HIGH
EdgeMAX EdgeSwitch <1.10.4 - Command Injection
CVSS 7.5