CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,449 vulnerabilities with CWE-20
CVE-2025-22235 HIGH
Spring Boot Improper Input Validation in EndpointRequest.to()
CVSS 7.3
CVE-2025-46574 MEDIUM
ZTE ZXCloud GoldenDB >=6.1.03 <6.1.03.11 - Information Disclosure via Error Messages
CVSS 4.1
CVE-2025-26413 HIGH
Apache Kvrocks <= 2.11.1 - Denial of Service via SETRANGE Command Offset Validation
CVSS 7.5
CVE-2025-3837 MEDIUM
Saviynt OVA based Connect < AlmaLinux-8.x_SC2.0-Client-2.0 - Remote Code Execution via Request Parameter Manipulation
CVE-2025-29784 HIGH
NamelessMC < 2.2.0 - Denial of Service via Forum Search Parameter Length
CVSS 7.5
CVE-2025-27599 MEDIUM
Element X Android <25.04.2 - Privilege Escalation
CVSS 6.5
CVE-2025-26477 MEDIUM
Dell ECS < 3.8.1.4 - Remote Code Execution via Improper Input Validation
CVSS 4.3
CVE-2025-3677 MEDIUM
lm-sys fastchat <0.2.36 - Deserialization
CVSS 5.3
CVE-2025-3622 MEDIUM
Xorbits Inference <1.4.1 - Deserialization
CVSS 5.5
CVE-2025-3590 MEDIUM
Adianti Framework <8.0 - Deserialization
CVSS 6.3
CVE-2025-32079 MEDIUM
Mediawiki - GrowthExperiments <1.44 - DoS
CVSS 6.5
CVE-2025-32077 MEDIUM
Mediawiki - SimpleCalendar <1.44 - XSS
CVE-2025-32076 MEDIUM
Mediawiki - Visual Data Extension <1.44 - DoS
CVE-2025-32075 MEDIUM
Mediawiki - Tabs Extension <1.44 - Code Injection
CVE-2025-32073 MEDIUM
Mediawiki - HTML Tags 1.39-1.43 - Cross-Site Scripting
CVSS 5.4
CVE-2025-32071 MEDIUM
Mediawiki - Wikidata Extension <1.44 - XSS
CVSS 5.4
CVE-2025-32070 MEDIUM
Mediawiki - AJAX Poll Ext <1.43 - XSS
CVSS 5.4
CVE-2025-32069 MEDIUM
Mediawiki - Wikibase Media Info Ext <1.43 - XSS
CVSS 5.4
CVE-2025-32067 MEDIUM
Mediawiki - Growth Experiments Ext <1.44 - XSS
CVSS 5.4
CVE-2025-29150 MEDIUM
BlueCMS 1.6 - Arbitrary File Deletion via id Parameter in publish.php
CVSS 4.3
CVE-2025-30649 HIGH
Juniper Junos < 22.2 - Improper Input Validation
CVSS 7.5
CVE-2025-30648 HIGH
Juniper Junos OS and Junos OS Evolved - Unauthenticated Denial of Service via Malformed DHCP Packet
CVSS 7.4
CVE-2025-31672 MEDIUM
Apache POI < 5.4.0 - Improper Input Validation in OOXML File Parsing
CVSS 5.3
CVE-2025-2223 HIGH
Engineering Workstation - Info Disclosure
CVSS 7.8
CVE-2025-30294 MEDIUM
ColdFusion <2023.12, 2021.18, 2025.0 - Info Disclosure
CVSS 6.8
Details
Vulnerabilities 12,449
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits