Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-33043 SMM buffer Integrity — AptioV 5.8 Medium2025-05-29
CVE-2025-27151 redis-check-aof may lead to stack overflow and potential RCE — redis 4.7 Medium2025-05-29
CVE-2025-41379 Injection vulnerability in Iridium Certus 700 — Iridium Certus 700 8.2AIHighAI2025-05-23
CVE-2025-41378 Injection vulnerability in Iridium Certus 700 — Iridium Certus 700 8.8AIHighAI2025-05-23
CVE-2024-25010 Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability — Ericsson RAN Compute Basebands (all BB variants) 8.8 High2025-05-22
CVE-2025-3885 Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability — MGU21 6.5AIMediumAI2025-05-22
CVE-2021-25255 Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. — Browser Lite 7.5AIHighAI2025-05-21
CVE-2025-47283 Bypassing project secret validation can lead to privilege escalation — gardener 9.1AICriticalAI2025-05-19
CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation — external-dns-management 9.1AICriticalAI2025-05-19
CVE-2025-22233 Spring Framework DataBinder Case Sensitive Match Exception — Spring Framework 3.1 Low2025-05-16
CVE-2025-2305 Local file inclusion vulnerability in LIVE CONTRACT — LIVE CONTRACT 8.6 High2025-05-16
CVE-2024-53827 Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability — Packet Core Controller 7.5 High2025-05-16
CVE-2025-4762 Insecure Direct Object Reference (IDOR) vulnerability in eSignaViewer — eSigna 7.5AIHighAI2025-05-15
CVE-2025-46836 net-tools Stack-based Buffer Overflow vulnerability — net-tools 6.6 Medium2025-05-14
CVE-2025-47777 5ire Client Vulnerable to Cross-Site Scripting (XSS) and Remote Code Execution (RCE) — 5ire 9.7 Critical2025-05-14
CVE-2025-24785 iTop dashboard vulnerable to denial of service — iTop 4.3 Medium2025-05-14
CVE-2025-43559 ColdFusion | Improper Input Validation (CWE-20) — ColdFusion 9.1 Critical2025-05-13
CVE-2025-43560 ColdFusion | Improper Input Validation (CWE-20) — ColdFusion 9.1 Critical2025-05-13
CVE-2025-29955 Windows Hyper-V Denial of Service Vulnerability — Windows 11 Version 24H2 6.2 Medium2025-05-13
CVE-2025-32706 Windows Common Log File System Driver Elevation of Privilege Vulnerability — Windows 10 Version 1507 7.8 High2025-05-13
CVE-2025-29968 Active Directory Certificate Services (AD CS) Denial of Service Vulnerability — Windows Server 2008 R2 Service Pack 1 6.5 Medium2025-05-13
CVE-2025-40556 Siemens BACnet ATEC 输入验证错误漏洞 — BACnet ATEC 550-440 6.5 Medium2025-05-13
CVE-2025-24510 Siemens MS/TP Point Pickup Module 输入验证错误漏洞 — MS/TP Point Pickup Module 6.5 Medium2025-05-13
CVE-2025-1087 Arbitrary Code Execution in Kong Insomnia Desktop Application — Insomnia 8.8AIHighAI2025-05-09
CVE-2025-4376 Cross-Site Scripting vulnerability in Model Search in Pro Cloud Server's WebEA — Pro Cloud Server 6.1AIMediumAI2025-05-09
CVE-2025-40846 HaloITSM open redirect via the returnUrl — ITSM 6.1AIMediumAI2025-05-08
CVE-2025-20197 Cisco IOS XE 输入验证错误漏洞 — Cisco IOS XE Software 6.7 Medium2025-05-07
CVE-2025-20154 Cisco IOS, IOS XE and IOS XR Software TWAMP Denial of Service Vulnerability — Cisco IOS XR Software 8.6 High2025-05-07
CVE-2025-21460 Improper Input Validation in Automotive Software platform based on QNX — Snapdragon 7.8 High2025-05-06
CVE-2024-49845 Improper Input Validation in HLOS — Snapdragon 7.8 High2025-05-06

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.