CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,472 vulnerabilities with CWE-20
CVE-2021-23028 HIGH
F5 <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4 - DoS
CVSS 7.5
CVE-2021-23036 HIGH
F5 BIG-IP Advanced Web Application Firewall 16.0.0-16.0.1 - Denial of Service via ASM and DataSafe Profile Configuration
CVSS 7.5
CVE-2021-23039 HIGH
F5 BIG-IP 12.1.0-12.1.5, 13.1.x, 14.1.0-14.1.2.7, 15.1.0-15.1.2, 16.0.0-16.0.1.1 - Denial of Service via IPSec Request
CVSS 7.5
CVE-2021-23035 HIGH
F5 BIG-IP 14.1.0-14.1.4.3 - Denial of Service via Chunked HTTP Responses
CVSS 7.5
CVE-2021-23034 HIGH
BIG-IP <16.1.0, 15.1.x <15.1.3.1 - DoS
CVSS 7.5
CVE-2021-23033 HIGH
F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation
CVSS 7.5
CVE-2021-23032 HIGH
F5 Big-ip Domain Name System < 12.1.6 - Improper Input Validation
CVSS 7.5
CVE-2021-23045 HIGH
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3, 13.1.4.1, 12.1.x - DoS
CVSS 7.5
CVE-2021-23044 HIGH
F5 Big-ip Access Policy Manager < 11.6.5 - Improper Input Validation
CVSS 7.5
CVE-2021-20569 MEDIUM
IBM Security Secret Server <11.0 - Info Disclosure
CVSS 5.3
CVE-2021-23051 HIGH
F5 BIG-IP 15.1.0.4-15.1.3 - Denial of Service via DPDK/ENA Driver Request Handling
CVSS 7.5
CVE-2021-23048 HIGH
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3, 13.1.4.1, 12.1.x, 11.6.x - DoS
CVSS 7.5
CVE-2021-37206 HIGH
SIPROTEC 5 < 8.80 - Unauthenticated DoS via Malformed Ethernet Packets
CVSS 7.5
CVE-2021-25465 LOW
Samsung Themes < 5.2.01 - Man-in-the-Middle Attack via Improper Scheme Check
CVSS 3.3
CVE-2021-25457 MEDIUM
DSP driver <SMR Sep-2021 Release 1 - Info Disclosure
CVSS 5.9
CVE-2021-25453 MEDIUM
Bluetooth <SMR Sep-2021 Release 1 - Info Disclosure
CVSS 5.1
CVE-2021-25452 MEDIUM
DSP driver <SMR Sep-2021 Release 1 - DoS
CVSS 5.5
CVE-2021-25450 MEDIUM
FactoryAirCommnadManger <SMR Sep-2021 Release 1 - Path Traversal
CVSS 4.5
CVE-2021-1960 MEDIUM
Qualcomm AQT1000 Firmware - Denial of Service via Crafted ASB-C Broadcast Packet
CVSS 6.5
CVE-2021-30693 HIGH
Apple macOS, iOS, and iPadOS - Code Execution via Malicious Image
CVSS 7.8
CVE-2021-30681 HIGH
iPadOS < 14.6 - Privilege Escalation via Symlink Validation Issue
CVSS 7.8
CVE-2021-30671 LOW
macOS 10.15-10.15.5 and 11.0-11.3 - Unauthorized Apple Event Injection via Finder
CVSS 3.3
CVE-2021-1807 MEDIUM
iPadOS < 14.5 - Arbitrary File Write
CVSS 5.5
CVE-2021-30763 MEDIUM
iPadOS < 14.7 - Shortcut Internet Permission Bypass via Input Validation Issue
CVSS 5.5
CVE-2021-39263 HIGH
NTFS-3G < 2021.8.22 - Heap-Based Buffer Overflow via Unsanitized Attribute in ntfs_get_attribute_value
CVSS 7.8
Details
Vulnerabilities 12,472
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits