CWE-20 (Improper Input Validation) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10155 | PickleScan Security Bypass Using Misleading File Extension — picklescan | 9.8 (AI) | Critical (AI) | 2025-09-17 |
| CVE-2025-59161 | In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left — element-web | 7.5 (AI) | High (AI) | 2025-09-16 |
| CVE-2025-58364 | cups: Remote DoS via null dereference — cups | 6.5 | Medium | 2025-09-11 |
| CVE-2025-54123 | Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation — hoverfly | 9.8 | Critical | 2025-09-10 |
| CVE-2025-58759 | TinyEnv: Inline comments not stripped properly in .env values — tiny-env | 5.1 | Medium | 2025-09-09 |
| CVE-2025-53809 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability — Windows 11 Version 24H2 | 6.5 | Medium | 2025-09-09 |
| CVE-2025-54250 | Adobe Experience Manager \| Improper Input Validation (CWE-20) — Adobe Experience Manager | 4.9 | Medium | 2025-09-09 |
| CVE-2025-54247 | Adobe Experience Manager \| Improper Input Validation (CWE-20) — Adobe Experience Manager | 6.5 | Medium | 2025-09-09 |
| CVE-2025-54248 | Adobe Experience Manager \| Improper Input Validation (CWE-20) — Adobe Experience Manager | 7.7 | High | 2025-09-09 |
| CVE-2025-54236 | Adobe Commerce \| Improper Input Validation (CWE-20) — Adobe Commerce | 9.1 | Critical | 2025-09-09 |
| CVE-2025-8007 | Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability — 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT | 6.5 (AI) | Medium (AI) | 2025-09-09 |
| CVE-2025-10061 | Malformed $group Query May Cause MongoDB Server to Crash — MongoDB Server | 6.5 | Medium | 2025-09-05 |
| CVE-2025-58361 | Promptcraft Forge Studio's incomplete URL check is vulnerable to XSS via SVG — promptcraft-forge-studio | 9.3 | Critical | 2025-09-04 |
| CVE-2025-9467 | Possibility to bypass file upload validation on the server-side — vaadin | 7.5 (AI) | High (AI) | 2025-09-04 |
| CVE-2024-43115 | Apache DolphinScheduler: Alert Script Attack — Apache DolphinScheduler | 8.8 (AI) | High (AI) | 2025-09-03 |
| CVE-2025-52547 | DoS to the application services — E3 Supervisory Control | 7.5 (AI) | High (AI) | 2025-09-02 |
| CVE-2025-52544 | Arbitrary read file from the filesystem — E3 Supervisory Control | 7.5 (AI) | High (AI) | 2025-09-02 |
| CVE-2025-55173 | Next.js Content Injection Vulnerability for Image Optimization — next.js | 4.3 | Medium | 2025-08-29 |
| CVE-2025-9195 | Solidigm DC Products Security Vulnerability — D7-PS1010/D7-PS1030 | 4.4 | Medium | 2025-08-28 |
| CVE-2025-57810 | jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS) — jsPDF | 6.5 (AI) | Medium (AI) | 2025-08-26 |
| CVE-2025-57805 | The Scratch Channel's Publish Articles POST Request Can Upload Articles Without Validation — tsc-web-client | 5.3 (AI) | Medium (AI) | 2025-08-25 |
| CVE-2025-55301 | The Scratch Channel Allows Username Modification — the-scratch-channel.github.io | 6.7 | Medium | 2025-08-25 |
| CVE-2025-52451 | Salesforce Tableau Server Security Vulnerability — Tableau Server | 6.5 | - | 2025-08-22 |
| CVE-2025-9288 | Missing type checks leading to hash rewind and passing on crafted data | 9.1 (AI) | Critical (AI) | 2025-08-20 |
| CVE-2025-9287 | Missing type checks leading to hash rewind and passing on crafted data | 9.1 (AI) | Critical (AI) | 2025-08-20 |
| CVE-2011-10020 | Kaillera 0.86 Server DoS via Malformed UDP Packet — Server | 7.5 (AI) | High (AI) | 2025-08-20 |
| CVE-2025-36114 | IBM QRadar SOAR Plugin App path traversal — QRadar SOAR Plugin App | 6.5 | Medium | 2025-08-20 |
| CVE-2025-7693 | Rockwell Automation Micro800 Vulnerability — PLC - Micro850 L50E | 7.5 (AI) | High (AI) | 2025-08-18 |
| CVE-2025-6625 | Schneider Electric Multiple Products Input Validation Error Vulnerability — Modicon M340 | 7.5 | High | 2025-08-18 |
| CVE-2025-52620 | HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability — BigFix SaaS Remediate | 4.3 | Medium | 2025-08-15 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.