Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,449 vulnerabilities with CWE-20

CVE-2025-20031 MEDIUM

Intel(R) Graphics Drivers - Authenticated Denial of Service via Improper Input Validation

CVE-2025-20009 MEDIUM

Intel(R) Server D50DNP/M50FCP - Info Disclosure

CVE-2025-32706 HIGH KEV

Windows Common Log File System Driver - Authenticated Privilege Escalation via Improper Input Validation

CVE-2025-29968 MEDIUM

Active Directory Certificate Services - DoS

CVE-2025-29955 MEDIUM

Windows 11 24H2 and Windows Server 2022 23H2 and Windows Server 2025 - Denial of Service via Improper Input Validation

CVE-2025-40556 MEDIUM

Siemens BACnet ATEC 550-440, 550-441, 550-445, 550-446 - Denial of Service via BACnet MSTP Message

CVE-2025-24510 MEDIUM

Siemens MS/TP Point Pickup Module - Denial of Service via BACnet MSTP Message Handling

CVE-2025-31259 HIGH

macOS < 15.5, <14.8, <26 - Unprotected User Data Exposure via Screenshot Capture

CVE-2025-31240 HIGH

macOS < 13.7.6, < 14.7.6, < 15.5 - Denial of Service via Malicious AFP Network Share

CVE-2025-31233 MEDIUM

iPadOS < 17.7.7 - Denial of Service via Maliciously Crafted Video File

CVE-2025-31217 MEDIUM

Safari < 18.5 - Denial of Service via Malicious Web Content

CVE-2025-31215 MEDIUM

Safari < 18.5 - Denial of Service via Malicious Web Content

CVE-2025-31208 HIGH

iPadOS < 17.7.7 - Denial of Service via File Parsing

CVE-2025-30442 HIGH

macOS < 13.7.6, < 14.7.6, < 15.4 - Privilege Escalation

CVE-2025-24274 HIGH

macOS < 13.7.6, < 14.7.6, < 15.5 - Privilege Escalation to Root

CVE-2025-1087 CRITICAL

Kong Insomnia Desktop Application <11.0.2 - Code Injection

CVE-2025-4377 HIGH

Sparx Systems Pro Cloud Server <6.0.165 - Path Traversal

CVE-2025-4376 MEDIUM

Sparx Systems Pro Cloud Server <6.0.165 - XSS

CVE-2025-40846 HIGH

Halo <2.174.101, 2.175.1-2.184.21 - Open Redirect

CVE-2025-20197 MEDIUM

Cisco IOS XE Software - Privilege Escalation

CVE-2025-20154 HIGH

Cisco IOS XR - Unauthenticated Denial of Service via TWAMP Control Packet Processing

CVE-2025-21460 HIGH

Qualcomm QAM and SA Series Firmware - Memory Corruption via Guest VM Buffer Manipulation

CVE-2025-46340 HIGH

Misskey 12.0.0-2025.4.1 - CSS Injection via UrlPreviewService and MkUrlPreview

CVE-2025-4260 MEDIUM

zhangyanbo2007 youkefu <4.2.0 - Deserialization

CVE-2025-30391 HIGH

Microsoft Dynamics - Info Disclosure

Previous Page 50 of 498 Next

Details

Vulnerabilities 12,449

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy