Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,449 vulnerabilities with CWE-20

CVE-2025-30293 MEDIUM

ColdFusion <2023.12, 2021.18, 2025.0 - Info Disclosure

CVE-2025-24446 CRITICAL

Adobe ColdFusion <= 2023.12, 2021.18, 2025.0 - Authenticated Remote Code Execution

CVE-2025-29821 MEDIUM

Dynamics 365 Business Central Authenticated Information Disclosure via Improper Input Validation

CVE-2025-29811 HIGH

Windows 11 22H2-24H2 and Windows Server 2022-2025 - Local Privilege Escalation via Mobile Broadband Input Validation

CVE-2025-27737 HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Security Feature Bypass via Zone Mapping Input Validation

CVE-2025-27731 HIGH

Windows 10/11, Server 2019/2022/2025 OpenSSH Privilege Escalation via Input Validation

CVE-2025-27489 HIGH

Azure Stack HCI 22H2 < 10.0.20348.3328 and 23H2 < 10.0.25398.1486 - Authenticated Privilege Escalation

CVE-2025-26647 HIGH

Windows Server 2008-2025 Privilege Escalation via Kerberos Input Validation

CVE-2025-24074 HIGH

Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation

CVE-2025-24073 HIGH

Windows 10 1507-22H2 and Windows 11 22H2-24H2 - Authenticated Privilege Escalation via DWM Core Library Input Validation

CVE-2025-24062 HIGH

Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation

CVE-2025-24060 HIGH

Windows DWM Core Library - Authenticated Privilege Escalation via Improper Input Validation

CVE-2025-24058 HIGH

Windows DWM Core Library - Privilege Escalation via Improper Input Validation

CVE-2025-30151 HIGH

Shopware < 6.5.8.17 and 6.6.0.0-6.6.10.3 - Denial of Service via Long Password Input

CVE-2025-3413 MEDIUM

opplus springboot-admin - Deserialization of Untrusted Data via SysGeneratorController Tables Argument

CVE-2025-31488 MEDIUM

Plain Craft Launcher <2.9.3 - Info Disclosure

CVE-2025-3250 MEDIUM

elunez eladmin 2.7 - Deserialization

CVE-2025-3165 MEDIUM

thu-pacman chitu <0.1.0 - Deserialization

CVE-2025-3162 MEDIUM

InternLM LMDeploy < 0.7.1 - Deserialization in PT File Handler

CVE-2025-31477 CRITICAL

tauri/plugin-shell < 2.2.1 - Remote Code Execution via Open Endpoint Protocol Validation Bypass

CVE-2025-30080 HIGH

Pexip Infinity 29-36.2 - Denial of Service via Signalling Input Validation

CVE-2025-3070 MEDIUM

Google Chrome < 135.0.7049.52 - Privilege Escalation via Extensions Input Validation

CVE-2025-3068 HIGH

Google Chrome < 135.0.7049.52 - Privilege Escalation via Intents

CVE-2025-31135 MEDIUM

go-guerrilla < 1.6.7 - IP Address Spoofing via PROXY Command Override

CVE-2025-31132 HIGH

The-Commit-Company raven < 2.1.10 - Authenticated Remote Code Execution via API Endpoint

Previous Page 52 of 498 Next

Details

Vulnerabilities 12,449

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy