Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3266

3266 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-15358 DVP-12SE11T - Denial of Service Vulnerability — DVP-12SE11T 7.5 High2025-12-30
CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion 3.7 Low2025-12-29
CVE-2025-69205 In µURU, a Specially Crafted Federation Name Allows Dialplan Injection — uURU 6.3 Medium2025-12-29
CVE-2025-8075 Improper Input Validation — QNV-C8012 6.1 -2025-12-26
CVE-2025-52600 Improper Input Validation — QNV-C8012 9.3 -2025-12-26
CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation — Telenium Online Web Application 9.8 Critical2025-12-24
CVE-2025-68667 Conduit-derived homeservers are affected by a Confused Deputy and Improper Input Validation issue — continuwuity 5.3AIMediumAI2025-12-23
CVE-2025-59886 Eaton xComfort ECI 安全漏洞 — Eaton xComfort ECI 8.8 High2025-12-23
CVE-2025-59301 Modbus/TCP Dos Vulnerability in DVP15MC11T — DVP15MC11T 4.0 Medium2025-12-22
CVE-2025-68398 Weblate has git config file overwrite vulnerability that leads to remote code execution — weblate 9.1 Critical2025-12-18
CVE-2025-67493 Homarr issing input sanitization and possible privilege escalation through ldap search query injection — homarr 7.5 High2025-12-17
CVE-2025-20393 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability — Cisco Secure Email 10.0 Critical2025-12-17
CVE-2025-58173 FreshRSS vulnerable to authenticated RCE via path traversal inside include() — FreshRSS 8.8AIHighAI2025-12-15
CVE-2025-14156 Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder' — Fox LMS – WordPress LMS Plugin 9.8 Critical2025-12-15
CVE-2025-9207 TI WooCommerce Wishlist <= 2.10.0 - Unauthenticated HTML Injection — TI WooCommerce Wishlist 5.3 Medium2025-12-13
CVE-2025-66451 LibreChat's Improper Input Validation in Prompt Creation API Enables Unauthorized Permission Changes — LibreChat 4.3AIMediumAI2025-12-11
CVE-2025-64993 Command Injection in 1E-ConfigMgrConsoleExtensions Instructions — DEX 6.8 Medium2025-12-11
CVE-2025-64992 Command Injection in 1E-Nomad-PauseNomadJobQueue Instruction — DEX 6.8 Medium2025-12-11
CVE-2025-64991 Command Injection in 1E-PatchInsights-Deploy Instruction — DEX 6.8 Medium2025-12-11
CVE-2025-64990 Command Injection in 1E-Explorer-TachyonCore-LogoffUser Instruction — DEX 6.8 Medium2025-12-11
CVE-2025-64989 Command Injection in 1E-Explorer-TachyonCore-FindFileBySizeAndHash Instruction — DEX 7.2 High2025-12-11
CVE-2025-64988 Command Injection in 1E-Nomad-GetCmContentLocations Instruction — DEX 7.2 High2025-12-11
CVE-2025-64987 Command Injection in 1E-Explorer-TachyonCore-CheckSimpleIoC Instruction — DEX 7.2 High2025-12-11
CVE-2025-64986 Command Injection in 1E-Explorer-TachyonCore-DevicesListeningOnAPort Instruction — DEX 7.2 High2025-12-11
CVE-2025-46266 Unauthenticated Transmission of Data in NomadBranch.exe — DEX 4.3 Medium2025-12-11
CVE-2025-44016 File Hash Validation Bypass in NomadBranch.exe — DEX 8.8 High2025-12-11
CVE-2025-12687 Denial-of-Service Vulnerability in NomadBranch.exe — DEX 6.5 Medium2025-12-11
CVE-2025-61812 ColdFusion | Improper Input Validation (CWE-20) — ColdFusion 8.4 High2025-12-09
CVE-2025-61809 ColdFusion | Improper Input Validation (CWE-20) — ColdFusion 9.1 Critical2025-12-09
CVE-2025-61822 ColdFusion | Improper Input Validation (CWE-20) — ColdFusion 6.2 Medium2025-12-09

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3266 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.