CWE-20

Exploit likelihood: High

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,478 vulnerabilities with CWE-20
CVE-2021-34300 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-Bounds Write in TIFF Parser
CVSS 7.8
CVE-2021-34298 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Remote Code Execution via BMP File Parsing
CVSS 7.8
CVE-2021-34297 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Remote Code Execution via BMP File Parsing
CVSS 7.8
CVE-2021-34296 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-bounds Read in BMP_Loader.dll
CVSS 7.8
CVE-2021-34295 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-Bounds Write in GIF Parser
CVSS 7.8
CVE-2021-34294 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-bounds Read in GIF Parser
CVSS 7.8
CVE-2021-34293 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-Bounds Write in GIF Parser
CVSS 7.8
CVE-2021-34292 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2.0 - Out-of-bounds Read in Tiff_loader.dll
CVSS 7.8
CVE-2021-34291 HIGH
Siemens JT2Go and Teamcenter Visualization < 13.2 - Out-of-Bounds Write in GIF Parser
CVSS 7.8
CVE-2021-1970 HIGH
Qualcomm APQ8053 Firmware - Out-of-bounds Read in FT Sub-elements
CVSS 7.5
CVE-2021-1965 CRITICAL
Qualcomm Firmware - Buffer Overflow via MBSSID Scan IE Parse
CVSS 9.8
CVE-2021-32707 MEDIUM
Nextcloud Mail <1.9.6-1.10.0 - Info Disclosure
CVSS 4.3
CVE-2021-33012 HIGH
Rockwell Automation MicroLogix 1100 - DoS
CVSS 8.6
CVE-2021-3612 HIGH
Linux Kernel < 5.9.0 - Out-of-Bounds Write via JSIOCSBTNMAP ioctl
CVSS 7.8
CVE-2021-1562 MEDIUM
Cisco BroadWorks Application Server 22.0-22.0.2020.08 - Authenticated Information Disclosure via XSI-Actions Interface
CVSS 4.3
CVE-2021-25441 HIGH
AR Emoji Editor <4.4.03.5 - Privilege Escalation
CVSS 7.8
CVE-2021-25437 CRITICAL
Tizen < 5.5 - Unauthenticated Arbitrary Code Execution via FOTA Update File Replacement
CVSS 9.8
CVE-2021-25436 CRITICAL
Tizen < 5.5 - Remote Code Execution via Samsung Accessory Protocol
CVSS 9.8
CVE-2021-25435 CRITICAL
Tizen < 5.5 - Remote Code Execution via Wireless Firmware Download Mode
CVSS 9.8
CVE-2021-25434 CRITICAL
Tizen < 5.5 - Remote Code Execution via Wireless Firmware Download Mode
CVSS 9.8
CVE-2021-25428 HIGH
PackageManager <SMR July-2021 Release 1 - Privilege Escalation
CVSS 7.8
CVE-2021-31925 HIGH
Pexip Infinity 25.0-25.3 - Unauthenticated Denial of Service via Administrative Web Interface
CVSS 7.5
CVE-2021-26036 HIGH
Joomla! 2.5.0-3.9.27 - Denial of Service via Usergroup Table Manipulation
CVSS 7.5
CVE-2021-27660 HIGH
C-CURE 9000 Firmware < 2.80 - Remote Code Execution via Insecure Auto Update Feature
CVSS 8.8
CVE-2021-22349 HIGH
Huawei Smartphone - Info Disclosure
CVSS 7.5