Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,448 vulnerabilities with CWE-20

CVE-2025-54641 MEDIUM

Huawei EMUI and HarmonyOS - Denial of Service via Kernel Acceleration Module Buffer Overflow

CVE-2025-54636 MEDIUM

Huawei EMUI and HarmonyOS - Denial of Service via Kernel Drop Detection Module

CVE-2025-54614 MEDIUM

HarmonyOS - Denial of Service via Home Screen Input Verification

CVE-2025-8573 MEDIUM

Concrete CMS 9.0-9.4.2 - Stored Cross-Site Scripting via Home Folder on Members Dashboard

CVE-2025-8571 MEDIUM

Concrete CMS < 8.5.21 and 9.0.0-9.4.2 - Reflected Cross-Site Scripting in Conversation Messages Dashboard Page

CVE-2025-7674 HIGH

Roche Diagnostics navify Monitoring <1.08.00 - DoS

CVE-2025-27212 CRITICAL

UniFi Access <2.14.21-1.10.32-1.7.28 - Command Injection

CVE-2025-27211 HIGH

EdgeMAX EdgeSwitch <1.10.4 - Command Injection

CVE-2025-54564 HIGH

ChargePoint Home Flex <5.5.4.13 - Command Injection

CVE-2025-30480 MEDIUM

Dell PowerProtect Data Manager <19.19 - Info Disclosure

CVE-2025-50578 CRITICAL

LinuxServer.io heimdall 2.6.3-ls307 - Host Header Injection and Open Redirect

CVE-2025-4424 MEDIUM

InsydeH2O < L05.05.40.011803.172079 - Improper Input Validation

CVE-2025-43253 CRITICAL

macOS <15.6-14.7.7 - Privilege Escalation

CVE-2025-43234 CRITICAL

iPadOS < 18.6 - Memory Corruption via Malicious Texture Processing

CVE-2025-43223 HIGH

iPadOS < 17.7.9 - Denial of Service via Network Settings Modification

CVE-2025-43195 MEDIUM

macOS <15.6-13.7.7 - Info Disclosure

CVE-2025-31281 CRITICAL

iPadOS < 18.6 - Denial of Service via Maliciously Crafted File

CVE-2025-50492 HIGH

PHPGurukul e-Diary Mgt <v1 - Session Hijacking

CVE-2025-50489 HIGH

PHPGurukul Student Result Management System v2.0 - Info Disclosure

CVE-2025-50494 HIGH

PHPGurukul Car Washing Mgmt <1.0 - Session Hijacking

CVE-2025-50493 HIGH

PHPGurukul Doctor <v1 - Session Hijacking

CVE-2025-50490 HIGH

PHPGurukul Student Result Mgt Sys <v2.0 - Session Hijacking

CVE-2025-8266 MEDIUM

chancms < 3.1.3 - Deserialization via getArticle Function

CVE-2025-8227 MEDIUM

chancms < 3.1.3 - Deserialization via /collect/getArticle taskUrl Parameter

CVE-2025-8097 MEDIUM

WoodMart theme <8.2.6 - Info Disclosure

Previous Page 44 of 498 Next

Details

Vulnerabilities 12,448

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy