Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,448 vulnerabilities with CWE-20

CVE-2025-47968 HIGH

Microsoft AutoUpdate < 4.79 - Authenticated Privilege Escalation

CVE-2025-47171 MEDIUM

Microsoft Office Outlook - Authenticated Local Code Execution via Improper Input Validation

CVE-2025-4680 HIGH

upKeeper Instant Privilege Access <1.4.0 - Info Disclosure

CVE-2025-3898 MEDIUM

Schneider Electric Modicon M241/M251 <5.3.12.51 & M262 <5.3.9.18 Authenticated DoS via Invalid HTTPS Data

CVE-2025-3116 MEDIUM

Schneider Electric Modicon M241/M251 <5.3.12.51 & M258/LMC058 Authenticated DoS via HTTPS

CVE-2025-1041 CRITICAL

Avaya Call Management System <20.0.1.0 - Command Injection

CVE-2025-0037 MEDIUM

AMD Versal Adaptive SoC - Memory Corruption

CVE-2025-27242 LOW

OpenHarmony < 5.0.3 - Denial of Service via Improper Input Validation

CVE-2025-27131 MEDIUM

OpenHarmony < 5.0.3 - Denial of Service via Improper Input Validation

CVE-2025-5680 MEDIUM

AgileBPM < 2.5.0 - Deserialization via Groovy Script Handler

CVE-2025-5679 MEDIUM

AgileBPM < 2.5.0 - Remote Code Execution via FreeMarker Template Deserialization

CVE-2025-1701 HIGH

MIM Admin Service RMI - Local Code Execution

CVE-2025-5552 MEDIUM

ChestnutCMS <15.1 - Deserialization

CVE-2025-5499 HIGH

Slackero phpwcms <1.9.45/1.10.8 - Deserialization

CVE-2025-5498 MEDIUM

Slackero phpwcms <1.9.45/1.10.8 - Deserialization

CVE-2025-5497 MEDIUM

Slackero phpwcms <1.9.45/1.10.8 - Deserialization

CVE-2025-5455 HIGH

Qt <5.15.18, 6.0.0-6.5.8, 6.6.0-6.8.3, 6.9.0 - DoS

CVE-2025-48944 MEDIUM

vLLM 0.8.0-0.9.0 - Denial of Service via Malformed Tools Input

CVE-2025-4635 MEDIUM

JCT Airpointer 2 Diagnostics - Admin Command Execution

CVE-2025-48490 MEDIUM

Laravel Rest Api <2.13.0 - Validation Bypass

CVE-2025-5326 MEDIUM

zhilink ADP Application Developer Platform 1.0.0 - Deserialization of Untrusted Data via /adpweb/wechat/verifyToken/

CVE-2025-33043 MEDIUM

AMI APTIO V 5.0-5.010 - Improper Input Validation

CVE-2025-27151 MEDIUM

Redis 7.0.0-7.2.9 - Stack-based Buffer Overflow in redis-check-aof via File Path Copy

CVE-2025-5174 MEDIUM

erdogant pypickle < 2.0.0 - Deserialization of Untrusted Data via load Function

CVE-2025-5173 MEDIUM

HumanSignal label-studio-ml-backend - Deserialization of Untrusted Data in PT File Handler

Previous Page 48 of 498 Next

Details

Vulnerabilities 12,448

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy