CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,470 vulnerabilities with CWE-20
CVE-2021-39220 LOW
Nextcloud Mail < 1.10.4 - Privacy Filter Bypass via Relative Protocol Images
CVSS 3.5
CVE-2021-38485 HIGH
Emerson Wireless Gateway Firmware <= 4.7.94 - Improper Input Validation
CVSS 8.0
CVE-2021-0651 MEDIUM
Android - Denial of Service via Long App Label in PackageItemInfo
CVSS 5.5
CVE-2021-38455 HIGH
versiondog < 8.0.0 - Improper Input Validation in OS Service
CVSS 7.3
CVE-2021-41168 MEDIUM
reddit/snudown < 1.7.0 - Denial of Service via Reference Table Hash Collision
CVSS 6.5
CVE-2021-34736 MEDIUM
Cisco Unified Computing System < 4.1(2g) - Unauthenticated Denial of Service via Crafted HTTP Request
CVSS 5.3
CVE-2021-35611 MEDIUM
Oracle E-Business Suite <12.2.11 - DoS
CVSS 4.3
CVE-2021-30310 HIGH
Qualcomm APQ8009 Firmware - Buffer Overflow via CF-ACK and CF-Poll Data Frames
CVSS 7.5
CVE-2021-30305 HIGH
Snapdragon Auto-Snapdragon Industrial IOT - Buffer Overflow
CVSS 8.4
CVE-2021-1969 MEDIUM
Qualcomm AQT1000 Firmware - Kernel Memory Information Exposure via Improper Input Validation
CVSS 6.2
CVE-2021-1968 MEDIUM
Qualcomm Firmware - Kernel Memory Information Exposure via Improper Input Validation
CVSS 6.2
CVE-2021-31376 HIGH
Juniper Junos OS 18.4R3-S7-18.4R3-S8 on ACX Series - Denial of Service via DHCPv6 Packet Processing
CVSS 7.5
CVE-2021-31375 HIGH
Juniper Networks Junos OS <12.3R12-S18, <15.1R7-S9, <17.2 - RPKI Po...
CVSS 7.2
CVE-2021-31373 HIGH
Juniper Junos OS on SRX Series - Authenticated Stored Cross-Site Scripting in J-Web Interface
CVSS 8.0
CVE-2021-31372 HIGH
Juniper Junos OS Multiple Versions - Authenticated Privilege Escalation via J-Web
CVSS 8.8
CVE-2021-31360 HIGH
Junos OS and Junos OS Evolved - Improper Privilege Management via CLI File Overwrite
CVSS 7.1
CVE-2021-41138 MEDIUM
Frontier 2021-09-30-2021-10-13 - Improper Input Validation in Ethereum Extrinsic Transaction Validation
CVSS 5.3
CVE-2021-33609 MEDIUM
com.vaadin:vaadin-server <8.14.0 - DoS
CVSS 4.3
CVE-2021-42009 MEDIUM
Apache Traffic Control < 5.1.3 - Authenticated Arbitrary Email Spoofing via Delivery Service Request Endpoint
CVSS 4.3
CVE-2021-42257 HIGH
check_smart < 6.9.1 - Unauthenticated Unintended Drive Access via Unanchored Regular Expression
CVSS 7.1
CVE-2021-25738 MEDIUM
kubernetes/java < 9.0.2 and io.kubernetes/client-java < 11.0.1 - Remote Code Execution via YAML Deserialization
CVSS 6.7
CVE-2021-41133 HIGH
Flatpak <1.10.4-1.12.0 - Privilege Escalation
CVSS 8.8
CVE-2021-1534 MEDIUM
Cisco AsyncOS < 14.0.1 - Unauthenticated URL Filter Bypass via Crafted URL
CVSS 5.8
CVE-2021-25489 LOW KEV
Modem Interface Driver <SMR Oct-2021 Release 1 - Buffer Overflow
CVSS 3.3
CVE-2021-25485 HIGH
FactoryAirCommnadManger <SMR Oct-2021 Release 1 - Path Traversal
CVSS 7.5
Details
Vulnerabilities 12,470
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits