CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,472 vulnerabilities with CWE-20
CVE-2021-39262 HIGH
NTFS-3G < 2021.8.22 - Out-of-Bounds Access via Crafted NTFS Image
CVSS 7.8
CVE-2021-39261 HIGH
NTFS-3G < 2021.8.22 - Heap-Based Buffer Overflow via Crafted NTFS Image
CVSS 7.8
CVE-2021-39260 HIGH
NTFS-3G < 2021.8.22 - Out-of-Bounds Access via Crafted NTFS Image
CVSS 7.8
CVE-2021-39259 HIGH
NTFS-3G < 2021.8.22 - Out-of-Bounds Access via Unsanitized Attribute Length
CVSS 7.8
CVE-2021-39258 HIGH
NTFS-3G < 2021.8.22 - Out-of-bounds Read in ntfs_attr_find and ntfs_external_attr_find
CVSS 7.8
CVE-2021-39256 HIGH
NTFS-3G < 2021.8.22 - Heap-Based Buffer Overflow via Crafted NTFS Image
CVSS 7.8
CVE-2021-39255 HIGH
NTFS-3G < 2021.8.22 - Out-of-bounds Read in ntfs_attr_find_in_attrdef
CVSS 7.8
CVE-2021-39254 HIGH
NTFS-3G < 2021.8.22 - Heap-Based Buffer Overflow via Crafted NTFS Image
CVSS 7.8
CVE-2021-39253 HIGH
NTFS-3G < 2021.8.22 - Out-of-bounds Read via Crafted NTFS Image
CVSS 7.8
CVE-2021-39252 HIGH
NTFS-3G < 2021.8.22 - Out-of-bounds Read via Crafted NTFS Image
CVSS 7.8
CVE-2021-39251 HIGH
NTFS-3G < 2021.8.22 - Denial of Service via Crafted NTFS Image
CVSS 7.8
CVE-2021-33287 HIGH
NTFS-3G <2021.8.22 - Buffer Overflow
CVSS 7.8
CVE-2021-35268 HIGH
NTFS-3G <2021.8.22 - Memory Corruption
CVSS 7.8
CVE-2021-33285 HIGH
NTFS-3G <2021.8.22 - Buffer Overflow
CVSS 7.8
CVE-2021-39193 MEDIUM
Frontier < 2021-09-03 - Invalid Transaction Inclusion via Input Data Size Validation Bypass
CVSS 5.3
CVE-2021-35995 LOW
Adobe After Effects <18.2.1 - Info Disclosure
CVSS 3.3
CVE-2021-39186 MEDIUM
GlobalNewFiles < 2021-09-01 - Stored Cross-Site Scripting in Username Column
CVSS 4.3
CVE-2021-36048 HIGH
XMP Toolkit SDK < 2020.1 - Arbitrary Code Execution via Crafted File
CVSS 7.8
CVE-2021-36047 HIGH
XMP Toolkit SDK < 2020.1 - Arbitrary Code Execution via Crafted File
CVSS 7.8
CVE-2021-36044 HIGH
Magento Commerce <2.4.2-2.3.7 - DoS
CVSS 7.5
CVE-2021-36042 CRITICAL
Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin File Upload Code Execution
CVSS 9.1
CVE-2021-36041 CRITICAL
Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin pub/media Upload Code Execution
CVSS 9.1
CVE-2021-36040 CRITICAL
Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin File Extension Bypass Code Execution
CVSS 9.1
CVE-2021-36038 MEDIUM
Magento Commerce <2.4.2-2.3.7 - Info Disclosure
CVSS 6.5
CVE-2021-36035 CRITICAL
Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin Adobe Stock API Code Execution
CVSS 9.1
Details
Vulnerabilities 12,472
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits