The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,560 vulnerabilities with CWE-20
CVE-2021-22678
HIGH
Cscape <9.90 SP4 - Memory Corruption
CVSS 7.8
CVE-2021-0267
HIGH
Juniper Junos OS 19.4-20.3 - Denial of Service via Crafted DHCP Packet in JDHCPD DHCP Relay Agent
CVSS 7.4
CVE-2021-0214
MEDIUM
Juniper Junos OS - Denial of Service via Malformed Packet in PPMD
CVSS 6.5
CVE-2021-31555
HIGH
MediaWiki < 1.35.2 - Improper Input Validation in OAuth Extension
CVSS 7.5
CVE-2021-29462
HIGH
pupnp < 1.14.6 - DNS Rebinding Attack via Missing Host Header Validation
CVSS 7.6
CVE-2021-3038
MEDIUM
Palo Alto Networks GlobalProtect <5.1.8-5.2.4 - DoS
CVSS 5.5
CVE-2021-29432
MEDIUM
matrix-sydent < 2.3.0 - Arbitrary Email Spoofing via Identity Server
CVSS 5.3
CVE-2021-29431
HIGH
Sydent < 2.3.0 - Server-Side Request Forgery via HTTP GET Request
CVSS 7.7
CVE-2021-29430
HIGH
Sydent < 2.3.0 - Unauthenticated Denial of Service via Unbounded HTTP Request/Response
CVSS 7.5
CVE-2021-29433
MEDIUM
Sydent < 2.3.0 - Uncontrolled Resource Consumption via Third-Party Identifier Confirmation Endpoint
CVSS 4.3
CVE-2021-26415
HIGH
Windows Installer - Elevation of Privilege via Improper Input Validation
CVSS 7.8
CVE-2021-23279
HIGH
Eaton Intelligent Power Manager < 1.69 - Unauthenticated Arbitrary File Delete
CVSS 8.0
CVE-2021-23278
HIGH
Eaton IPM <1.69 - Privilege Escalation
CVSS 8.7
CVE-2021-0400
MEDIUM
Android - Incorrect Emergency Location Reporting via Improper Input Validation
CVSS 5.5
CVE-2021-29425
MEDIUM
Apache Commons IO - Path Traversal via FilenameUtils.normalize
CVSS 4.8
CVE-2021-21393
MEDIUM
Synapse 0.24.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
CVSS 5.3
CVE-2021-21394
MEDIUM
Synapse 0.17.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
CVSS 5.3
CVE-2021-25378
MEDIUM
Samsung SmartThings < 1.7.63.6 - Remote Denial of Service via Improper Port Access Control
CVSS 4.3
CVE-2021-25356
HIGH
Managed Provisioning <SMR APR-2021 Release 1 - Privilege Escalation
CVSS 7.1
CVE-2021-21431
HIGH
sopel-channelmgnt < 2.0.1 - Improper Access Control via Multi-User Kick Command
CVSS 7.6
CVE-2021-3482
MEDIUM
exiv2 <= 0.27.4-RC1 - Heap-Based Buffer Overflow via JPG EXIF Data
CVSS 6.5
CVE-2021-1404
HIGH
ClamAV 0.103.0 and 0.103.1 - Denial of Service via PDF Parsing Heap Buffer Over-Read
CVSS 7.5
CVE-2021-1252
HIGH
ClamAV 0.103.0 and 0.103.1 - Denial of Service via Excel XLM Macro Parsing
CVSS 7.5
CVE-2021-1480
HIGH
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 and SD-WAN vManage < 19.2.4 - Unauthenticated Remote Code Execution
CVSS 7.8
CVE-2021-1459
CRITICAL
Cisco RV110W RV130 RV130W RV215W - Unauthenticated Remote Code Execution via Web Interface
CVSS 9.8
Details
Vulnerabilities: 12,560
Exploit Likelihood: High