The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,560 vulnerabilities with CWE-20
CVE-2021-1137
HIGH
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 and SD-WAN vManage < 19.2.4 - Remote Code Execution and Privilege Escalation
CVSS 7.8
CVE-2021-21404
HIGH
Syncthing < 1.15.0 - Denial of Service via Negative Length Relay Message
CVSS 7.5
CVE-2021-29136
MEDIUM
umoci < 0.4.7 - Arbitrary File Write via Symlink Traversal in Unpack Operation
CVSS 5.5
CVE-2021-21533
MEDIUM
Dell Wyse Management Suite < 3.2 - Authenticated Denial of Service via Job Status Retrieval Page
CVSS 4.3
CVE-2021-21532
MEDIUM
Dell Wyse ThinOS < 8.6 - Improper Management Server Validation
CVSS 5.0
CVE-2021-1748
HIGH
iPadOS < 14.4 - Remote Code Execution via Malicious URL Processing
CVSS 8.8
CVE-2021-30004
MEDIUM
hostapd and wpa_supplicant - Forging Attack via AlgorithmIdentifier Mishandling
CVSS 5.3
CVE-2021-22538
MEDIUM
Google Exposure Notifications Verification Server < 0.23.1 - Improper Input Validation
CVSS 6.3
CVE-2021-29418
MEDIUM
netmask < 2.0.1 - IP Address Validation Bypass via Octal Digit Handling
CVSS 5.3
CVE-2021-21372
HIGH
Nim < 1.2.10 - Remote Code Execution via Nimble doCmd Command Injection
CVSS 8.3
CVE-2021-20206
HIGH
container_network_interface < 0.8.1 - Path Traversal via Plugin Type Field
CVSS 7.2
CVE-2021-1356
MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web UI Error Handling
CVSS 4.3
CVE-2021-1220
MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web UI HTTP Packet Handling
CVSS 4.3
CVE-2021-1469
CRITICAL
Cisco Jabber <12.1.5 - Program Execution and Network Traffic Exposure
CVSS 9.9
CVE-2021-1454
MEDIUM
Cisco IOS XE SD-WAN - Privilege Escalation
CVSS 6.0
CVE-2021-1432
HIGH
Cisco IOS XE SD-WAN - Authenticated Command Injection via CLI
CVSS 7.3
CVE-2021-1431
HIGH
Cisco IOS XE SD-WAN - Unauthenticated Denial of Service via Malformed Packet Handling
CVSS 7.5
CVE-2021-1383
MEDIUM
Cisco IOS XE SD-WAN - Privilege Escalation
CVSS 6.0
CVE-2021-20222
HIGH
Keycloak 9.0.0-12.0.2 - Cross-Site Scripting via Referrer URL
CVSS 7.5
CVE-2021-21357
HIGH
TYPO3 < 8.7.40, 9.5.25, 10.4.14, 11.1.1 - Authenticated Path Traversal and Arbitrary File Write via Form Designer Module
CVSS 8.3
CVE-2021-21267
HIGH
schema-inspector < 2.0.0 - Denial of Service via Email Validation ReDoS
CVSS 7.5
CVE-2021-20631
MEDIUM
Cybozu Office <10.8.4 - Info Disclosure
CVSS 6.5
CVE-2021-21726
LOW
ZTE ZXONE 9700, 8700, and 19700 Firmware - Denial of Service via Diagnostic Function Parameter Injection
CVSS 2.3
CVE-2021-21085
HIGH
Adobe Connect <11.0.7 - Code Injection
CVSS 7.8
CVE-2021-21069
HIGH
Adobe Creative Cloud Desktop App <5.3 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
12,560
Exploit Likelihood
High