CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20
CVE-2021-44369 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44368 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44367 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44365 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44364 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44363 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44362 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via SetCloudSchedule Parameter
CVSS 7.7
CVE-2021-44361 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44360 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-44359 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via SetCrop Parameter
CVSS 7.7
CVE-2021-44358 HIGH
Reolink RLC-410W Firmware 3.0.0.136_20121102 - Denial of Service via cgiserver.cgi JSON Command Parser
CVSS 7.7
CVE-2021-40423 HIGH
Reolink RLC-410W v3.0.0.136_20121102 - DoS
CVSS 7.5
CVE-2021-22827 HIGH
EcoStruxure Power Monitoring Expert <9.0 - RCE
CVSS 8.8
CVE-2021-22826 HIGH
EcoStruxure Power Monitoring Expert <9.0 - RCE
CVSS 8.8
CVE-2021-29845 HIGH
IBM Security Guardium Insights 3.0 - Authenticated Unauthorized Action via Improper Input Validation
CVSS 8.8
CVE-2021-45223 MEDIUM
COINS Construction Cloud 11.12 - Denial of Service via Forced Server Crash
CVSS 6.5
CVE-2021-43588 MEDIUM
Dell EMC Data Protection Central <19.5 - DoS
CVSS 4.3
CVE-2021-36343 HIGH
Dell Alienware BIOS Authenticated Arbitrary Code Execution in SMRAM via SMI
CVSS 7.5
CVE-2021-36342 HIGH
Dell Alienware BIOS Authenticated Arbitrary Code Execution in SMRAM via SMI
CVSS 7.5
CVE-2021-42555 HIGH
Pexip Infinity 25.0-26.1 - Denial of Service via Call-Setup Input Validation
CVSS 7.5
CVE-2021-35969 HIGH
Pexip Infinity >=22.0 <26 - Denial of Service via Call-Setup Input Validation
CVSS 7.5
CVE-2021-33499 HIGH
Pexip Infinity < 26 - Denial of Service via H.264 Input Validation Bypass
CVSS 7.5
CVE-2021-33498 HIGH
Pexip Infinity < 26 - Denial of Service via H.264 Input Validation Bypass
CVSS 7.5
CVE-2021-32545 HIGH
Pexip Infinity < 26 - Denial of Service via RTMP Input Validation
CVSS 7.5
CVE-2021-44530 CRITICAL
UniFi Network Controller < 6.5.53 - Remote Code Execution via Log4j JNDI Injection
CVSS 9.8
Details
Vulnerabilities 12,470
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits