The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,478 vulnerabilities with CWE-20
CVE-2021-1506
CRITICAL
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 and SD-WAN vManage < 20.3.3 - Missing Authorization
CVSS 9.8
CVE-2021-1505
CRITICAL
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 and SD-WAN vManage < 20.3.3 - Missing Authorization
CVSS 9.8
CVE-2021-1468
CRITICAL
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 and SD-WAN vManage < 20.3.3 - Improper Authentication
CVSS 9.8
CVE-2021-1275
CRITICAL
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 & vManage <20.3.3 - RCE & Info Disclosure
CVSS 9.8
CVE-2021-29242
HIGH
CODESYS Control Runtime < 3.5.17.0 - Improper Input Validation via Crafted Communication Packets
CVSS 7.3
CVE-2021-29486
HIGH
cumulative-distribution-function < 2.0.0 - Denial of Service via Infinite Loop on Non-Numeric Data
CVSS 7.5
CVE-2021-20326
MEDIUM
MongoDB 4.4.0-4.4.3 - Denial of Service via Find Query
CVSS 6.5
CVE-2021-29468
HIGH
Cygwin Git < 2.31.1-1 - Remote Code Execution via Malicious Repository Symbolic Links
CVSS 8.8
CVE-2021-1085
HIGH
NVIDIA vGPU <12.2, <11.4, <8.7 - Memory Corruption
CVSS 7.3
CVE-2021-1084
HIGH
NVIDIA vGPU <12.2-11.4 - Info Disclosure
CVSS 7.8
CVE-2021-1080
HIGH
NVIDIA vGPU <12.2-11.4-8.7 - Info Disclosure
CVSS 7.8
CVE-2021-21388
HIGH
systeminformation < 5.6.4 - OS Command Injection via Service Parameter Mishandling
CVSS 8.9
CVE-2021-1448
HIGH
Cisco Firepower Threat Defense 6.4.0 - Authenticated OS Command Injection via CLI
CVSS 7.8
CVE-2021-1402
HIGH
Cisco Firepower Threat Defense 6.3.0-6.3.9 - Unauthenticated Denial of Service via SSL/TLS Message Handling
CVSS 8.6
CVE-2021-31863
HIGH
Redmine < 4.0.9, 4.1.x < 4.1.3, 4.2.x < 4.2.1 - Arbitrary File Read via Git Repository Integration
CVSS 7.5
CVE-2021-29474
MEDIUM
HedgeDoc < 1.8.0 - Path Traversal and Arbitrary File Read via URL-Encoded Alias
CVSS 4.7
CVE-2021-21221
MEDIUM
Google Chrome <90.0.4430.72 - Info Disclosure
CVSS 6.5
CVE-2021-21208
MEDIUM
Google Chrome < 90.0.4430.72 - Domain Spoofing via QR Code
CVSS 6.5
CVE-2021-22678
HIGH
Cscape <9.90 SP4 - Memory Corruption
CVSS 7.8
CVE-2021-0267
HIGH
Juniper Junos OS 19.4-20.3 - Denial of Service via Crafted DHCP Packet in JDHCPD DHCP Relay Agent
CVSS 7.4
CVE-2021-0214
MEDIUM
Juniper Junos OS - Denial of Service via Malformed Packet in PPMD
CVSS 6.5
CVE-2021-31555
HIGH
MediaWiki < 1.35.2 - Improper Input Validation in Oauth Extension
CVSS 7.5
CVE-2021-29462
HIGH
pupnp < 1.14.6 - DNS Rebinding Attack via Missing Host Header Validation
CVSS 7.6
CVE-2021-3038
MEDIUM
Palo Alto Networks GlobalProtect <5.1.8-5.2.4 - DoS
CVSS 5.5
CVE-2021-29432
MEDIUM
matrix-sydent < 2.3.0 - Arbitrary Email Spoofing via Identity Server
CVSS 5.3
Details
Vulnerabilities
12,478
Exploit Likelihood
High