CWE-20 (Improper Input Validation) — Vulnerability Class 3266

3266 vulnerabilities classified as CWE-20 (Improper Input Validation). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15545 | Insufficient Backup File Upload Input Validation on TP-Link Archer RE605X — Archer RE605X | 7.8 (AI) | High (AI) | 2026-01-29 |
| CVE-2026-23570 | Log timestamp tampering vulnerability in Content Distribution Service — DEX | 6.5 | Medium | 2026-01-29 |
| CVE-2026-23566 | Log Injection in Content Distribution Service UDP Handler — DEX | 6.5 | Medium | 2026-01-29 |
| CVE-2026-23571 | Command Injection in 1E-Nomad-RunPkgStatusRequest Instruction in TeamViewer DEX — DEX | 6.8 | Medium | 2026-01-29 |
| CVE-2026-24856 | iccDEV has UB runtime error in <icTagTypeSignature> — iccDEV | 7.8 | High | 2026-01-28 |
| CVE-2025-59895 | Remote denial-of-service (DoS) vulnerability in Sync Breeze Enterprise Server — Sync Breeze Enterprise Server | 7.5 (AI) | High (AI) | 2026-01-28 |
| CVE-2026-1315 | Unauthenticated Denial of Service via Firmware Update Endpoint on TP-Link Tapo C220 & C520WS — Tapo C220 v1 | 6.5 (AI) | Medium (AI) | 2026-01-27 |
| CVE-2026-0919 | Unauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C220 & C520WS — Tapo C220 v1 | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-24348 | Multiple cross-site scripting vulnerabilities in EZCast Pro II Dongle — EZCast Pro II | 4.8 (AI) | Medium (AI) | 2026-01-27 |
| CVE-2026-24347 | Arbitrary file write to /tmp directory in EZCast Pro II Dongle — EZCast Pro II | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-24345 | Cross-Site Request Forgery in EZCast Pro II Dongle — EZCast Pro II | 8.8 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-24412 | iccDEV has Heap Buffer Overflow in icCurvesFromXml() — iccDEV | 8.8 | High | 2026-01-24 |
| CVE-2026-24411 | iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml() — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-24410 | iccDEV has Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic() — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-24409 | iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum<>::ParseXml() — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-24407 | iccDEV has Undefined Behavior in icSigCalcOp() — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-24406 | iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize() — iccDEV | 8.8 | High | 2026-01-24 |
| CVE-2026-24405 | iccDEV has Heap Buffer Overflow in CIccMpeCalculator::Read() — iccDEV | 8.8 | High | 2026-01-24 |
| CVE-2026-24404 | iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType() — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-24403 | iccDEV Undefined Behavior in CIccProfile::CheckHeader() Leads to Integer Overflow — iccDEV | 7.1 | High | 2026-01-24 |
| CVE-2026-1225 | Malicious logback.xml configuration file allows instantiation of arbitrary classes — Logback-core | 7.5 (AI) | High (AI) | 2026-01-22 |
| CVE-2026-22598 | ManageIQ vulnerable to DoS Attack when creating TimeProfiles — manageiq | 6.5 (AI) | Medium (AI) | 2026-01-21 |
| CVE-2025-68134 | EVerest's use of assert functions can potentially lead to denial of service — everest-core | 7.4 | High | 2026-01-21 |
| CVE-2026-22444 | Apache Solr: Insufficient file-access checking in standalone core-creation requests — Apache Solr | 5.3 (AI) | Medium (AI) | 2026-01-21 |
| CVE-2026-0933 | OS Command Injection in `wrangler pages deploy` — Wrangler | 9.8 (AI) | Critical (AI) | 2026-01-20 |
| CVE-2026-0903 | Google Chrome input validation error vulnerability — Chrome | 7.1 | - | 2026-01-20 |
| CVE-2026-23886 | Swift W3C TraceContext has malformed HTTP header that can cause a crash — swift-w3c-trace-context | 5.3 | Medium | 2026-01-19 |
| CVE-2026-23880 | OnboardLite has stored Cross-site Scripting issue that may lead to admin Account Take Over — OnboardLite | 7.3 | High | 2026-01-19 |
| CVE-2026-23841 | Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param — movary | 9.3 | Critical | 2026-01-19 |
| CVE-2026-23840 | Movary vulnerable to Cross-site Scripting with `?categoryDeleted=` param — movary | 9.3 | Critical | 2026-01-19 |

Vulnerabilities classified as CWE-20 (Improper Input Validation) represent 3266 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.