Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3267

3267 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-21693 iccDEV has Type Confusion in CIccSegmentedCurveXml::ToXml() at IccXML/IccLibXML/IccMpeXml.cpp — iccDEV 8.8 High2026-01-07
CVE-2026-21692 iccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cpp — iccDEV 8.8 High2026-01-07
CVE-2026-21691 iccDEV has Type Confusion in CIccTag:IsTypeCompressed() — iccDEV 5.4 Medium2026-01-07
CVE-2026-21690 iccDEV has Type Confusion in CIccTagXmlTagData::ToXml() — iccDEV 6.3 Medium2026-01-07
CVE-2026-21689 iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp — iccDEV 6.5 Medium2026-01-07
CVE-2026-21688 iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp — iccDEV 8.8 High2026-01-07
CVE-2026-21687 iccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve() — iccDEV 7.1 High2026-01-07
CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate() — iccDEV 7.1 High2026-01-07
CVE-2026-21685 iccDEV has Undefined Behavior in CIccTagLut16::Read() — iccDEV 7.1 High2026-01-07
CVE-2026-21684 iccDEV has Undefined Behavior in CIccTagSpectralViewingConditions() — iccDEV 7.1 High2026-01-07
CVE-2026-21683 iccDEV has Type Confusion in icStatusCMM::CIccEvalCompare::EvaluateProfile() — iccDEV 8.8 High2026-01-07
CVE-2026-21682 iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText() — iccDEV 8.8 High2026-01-07
CVE-2026-21681 iccDEV has Undefined Behavior runtime error: nan is outside the range .. IccProfLib/IccTagBasic.cpp — iccDEV 7.1 High2026-01-07
CVE-2026-21679 iccDEV has heap-buffer-overflow vulnerability in CIccLocalizedUnicode::GetText() — iccDEV 8.8 High2026-01-07
CVE-2026-21678 iccDEV has heap-buffer-overflow vulnerability on IccTagXml() — iccDEV 7.8 High2026-01-07
CVE-2026-21506 iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service — iccDEV 5.5 Medium2026-01-07
CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value — iccDEV 5.5 Medium2026-01-07
CVE-2026-21503 iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray — iccDEV 6.1 Medium2026-01-07
CVE-2026-21501 Stack Overflow in iccDEV Calculator Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21500 Stack Overflow in iccDEV XML Calculator Macro Expansion — iccDEV 5.5 Medium2026-01-07
CVE-2026-21499 NULL Pointer Dereference in iccDEV XML Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21498 NULL Pointer Dereference in iccDEV XML Calculator Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21496 NULL Pointer Dereference in iccDEV Signature Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21497 NULL Pointer Dereference in iccDEV Unknown Tag Parser — iccDEV 5.5 Medium2026-01-07
CVE-2026-21495 Division by Zero in iccDEV TIFF Image Reader — iccDEV 5.5 Medium2026-01-07
CVE-2025-12543 Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf — Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11 9.6 Critical2026-01-07
CVE-2026-21487 iccDEV has Out-of-bounds Read, Use of Out-of-range Pointer Offset and Improper Input Validation — iccDEV 6.1 Medium2026-01-06
CVE-2026-21485 iccDEV Undefined Behavior (UB) and Out of Memory in CIccProfile::LoadTag() — iccDEV 8.8 High2026-01-06
CVE-2025-61916 Spinnaker vulnerable to SSRF due to improper restrictions on http from user input — spinnaker 7.9 High2026-01-05

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3267 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.