Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,448 vulnerabilities with CWE-20

CVE-2025-5148 MEDIUM

FunAudioLLM InspireMusic - Remote Code Execution via Pickle Deserialization in load_state_dict

CVE-2025-5114 MEDIUM

easycorp zentaopms 21.5_20250307 - Deserialization of Untrusted Data via filePath Parameter

CVE-2025-41379 MEDIUM

Intellian C700 - Privilege Escalation

CVE-2025-41378 MEDIUM

Intellian Technologies Iridium Certus 700 >=1.0.1 <1.0.1 - OS Command Injection via SSID Field

CVE-2025-3885 MEDIUM

Harman Becker MGU21 Firmware - Unauthenticated Denial of Service via Bluetooth Frame Validation

CVE-2025-47283 CRITICAL

Gardener < 1.116.4, 1.117.5, 1.118.2 - Authenticated Privilege Escalation via Gardenlet Component

CVE-2025-47282 CRITICAL

Gardener External DNS Management < 0.23.6 - Privilege Escalation via DNS Management Component

CVE-2025-4905 MEDIUM

basestation3 < 3.0.4 - Deserialization of Untrusted Data in QC.py load_qc_pickl

CVE-2025-22233 LOW

Spring Framework <6.2.7 - Info Disclosure

CVE-2025-2305 HIGH

SYNCPILOT LIVE CONTRACT 3-5.4.11, 5.5-5.5.3, 5.6-5.6.2 - Unauthenticated Path Traversal via File Download Functionality

CVE-2025-4742 MEDIUM

XU-YIJIE grpo-flat <9024b43f091e2eb9bac65802b120c0b35f9ba856 - Dese...

CVE-2025-4740 MEDIUM

BeamCtrl Airiana <11.0 - Deserialization

CVE-2025-4701 MEDIUM

VITA-MLLM Freeze-Omni <20250421 - Deserialization

CVE-2025-4762 LOW

eSigna 1.0-1.5 - Unauthenticated Insecure Direct Object Reference and Path Traversal via eSignaViewer

CVE-2025-46836 MEDIUM

net-tools <= 2.10 - Stack-based Buffer Overflow in Interface Label Handling

CVE-2025-47888 MEDIUM

Jenkins DingTalk Plugin < 2.7.3 - Unauthenticated SSL/TLS Certificate Validation Bypass

CVE-2025-47777 CRITICAL

5ire < 0.11.1 - Stored Cross-Site Scripting and Remote Code Execution via Electron Protocol Handling

CVE-2025-24785 MEDIUM

iTop 3.2.0 - Denial of Service via Dashboard Layout Class Injection

CVE-2025-43560 CRITICAL

Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Remote Code Execution

CVE-2025-43559 CRITICAL

ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Remote Code Execution

CVE-2025-24308 HIGH

Intel(R) Server D50DNP/M50FCP - Privilege Escalation

CVE-2025-21094 HIGH

Intel(R) Server D50DNP/M50FCP - Privilege Escalation

CVE-2025-20034 MEDIUM

Intel(R) Server D50DNP/M50FCP <R01.02.0003 - Info Disclosure

CVE-2025-20032 HIGH

Intel PROSet/Wireless <23.100 - DoS

CVE-2025-20031 MEDIUM

Intel(R) Graphics Drivers - Authenticated Denial of Service via Improper Input Validation

Previous Page 49 of 498 Next

Details

Vulnerabilities 12,448

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy