
CWE-20 (Improper Input Validation) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62164 | VLLM deserialization vulnerability leading to DoS and potential RCE — vllm | 8.8 | High | 2025-11-21 |
| CVE-2025-11676 | UPnP DOS in TL-WR940N V6 — TL-WR940N V6 | 6.5 | - | 2025-11-20 |
| CVE-2025-64759 | Homarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG Upload — homarr | 8.1 | High | 2025-11-19 |
| CVE-2025-12842 | Booking Plugin for WordPress Appointments – Time Slot <= 1.4.7 - Unauthenticated Arbitrary Email Sending — Time Slot – Booking and Appointment System | 5.3 | Medium | 2025-11-19 |
| CVE-2025-64515 | Open Forms prefill data in read-only components can be tampered — open-forms | 4.3 | Medium | 2025-11-18 |
| CVE-2025-55058 | Maxum Rumpus FTP Server input validation error vulnerability — FTP Server | 4.5 | Medium | 2025-11-17 |
| CVE-2025-13319 | Authenticated SQL injection in API - Digi On-Prem Manager — Digi On-Prem Manager | 8.8 | High | 2025-11-17 |
| CVE-2025-10460 | Unsanitized parameter input leading to SQL Injection vulnerability — Contractor Web | 9.8 AI | Critical AI | 2025-11-17 |
| CVE-2025-64747 | Directus Vulnerable to Stored Cross-site Scripting — directus | 5.5 | Medium | 2025-11-13 |
| CVE-2024-47866 | RGW DoS attack with empty HTTP header in S3 object copy — ceph | 7.5 | High | 2025-11-12 |
| CVE-2024-45301 | ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability — mintty | 5.3 | Medium | 2025-11-12 |
| CVE-2025-12944 | Improper input validation in NETGEAR DGN2200v4 — DGN2200v4 | 9.8 | - | 2025-11-11 |
| CVE-2025-12942 | Improper input validation in NETGEAR R6260 and R6850 — R6260 | 7.5 | - | 2025-11-11 |
| CVE-2025-12908 | Google Chrome input validation error vulnerability — Chrome | 6.5 | - | 2025-11-07 |
| CVE-2025-12907 | Google Chrome input validation error vulnerability — Chrome | 8.8 | - | 2025-11-07 |
| CVE-2025-64176 | ThinkDashboard: Arbitrary File Upload vulnerability in the Backup Import Feature — ThinkDashboard | 5.3 | Medium | 2025-11-06 |
| CVE-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and potential RCE — redis | 8.8 AI | High AI | 2025-11-04 |
| CVE-2025-64385 | INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES — TCPRS1plus | 9.1 | - | 2025-10-31 |
| CVE-2025-12285 | Missing Initial Password Change — BLU-IC2 | 9.8 | - | 2025-10-26 |
| CVE-2025-12284 | Lack of Input Validation — BLU-IC2 | 9.4 | - | 2025-10-26 |
| CVE-2025-12275 | Mail Configuration File Manipulation + Command Execution — BLU-IC2 | 8.8 | - | 2025-10-26 |
| CVE-2025-12278 | Logout Functionality not Working — BLU-IC2 | 6.5 | - | 2025-10-26 |
| CVE-2025-11497 | Advanced Database Cleaner <= 3.1.6 - Cross-Site Request Forgery to Settings Manipulation — Advanced Database Cleaner – Optimize & Clean Database to Speed Up Site Performance | 4.3 | Medium | 2025-10-25 |
| CVE-2025-11958 | Devolutions Server security vulnerability — Server | 6.5 AI | Medium AI | 2025-10-22 |
| CVE-2025-62525 | OpenWrt vulnerable to local privilege escalation — openwrt | 7.9 | High | 2025-10-22 |
| CVE-2025-12001 | Incorrect Content-Type Header — BLU-IC2 | 5.4 AI | Medium AI | 2025-10-20 |
| CVE-2025-8414 | Zigbee Green Power Host Buffer Overflow Vulnerability — Simplicity SDK | 9.8 AI | Critical AI | 2025-10-17 |
| CVE-2025-59248 | Microsoft Exchange Server Spoofing Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 7.5 | High | 2025-10-14 |
| CVE-2025-59198 | Windows Search Service Denial of Service Vulnerability — Windows 10 Version 1507 | 5.0 | Medium | 2025-10-14 |
| CVE-2025-59190 | Windows Search Service Denial of Service Vulnerability — Windows 10 Version 1507 | 5.5 | Medium | 2025-10-14 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.