CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,563 vulnerabilities with CWE-20
CVE-2021-20247 HIGH
mbsync < 1.3.5 - Path Traversal via IMAP Mailbox Name
CVSS 7.4
CVE-2021-21060 MEDIUM
Adobe Acrobat/Reader <17.011.30188/<20.013.20074 - Unauthenticated Info Disclosure via Malicious File
CVSS 4.6
CVE-2021-27179 HIGH
FiberHome HG6245D Firmware < RP2613 - Denial of Service via Telnet Daemon String
CVSS 7.5
CVE-2021-21126 MEDIUM
Google Chrome <88.0.4324.96 - Auth Bypass
CVSS 6.5
CVE-2021-21123 MEDIUM
Google Chrome < 88.0.4324.96 - Filesystem Restriction Bypass via File System API
CVSS 6.5
CVE-2021-0350 MEDIUM
Android 8.1-11 - Denial of Service in ged via Improper Input Validation
CVSS 4.4
CVE-2021-0345 MEDIUM
Android 10-11 - Local Privilege Escalation via mobile_log_d Improper Input Validation
CVSS 6.7
CVE-2021-1318 HIGH
Cisco RV016, RV042, RV042G, RV082, RV320, and RV325 Routers - Authenticated OS Command Injection
CVSS 7.2
CVE-2021-1317 HIGH
Cisco RV016, RV042, RV042G, RV082, RV320, RV325 Routers - Authenticated RCE via Web Interface
CVSS 7.2
CVE-2021-1316 HIGH
Cisco Small Business RV Series Routers - Authenticated OS Command Injection via Web Management Interface
CVSS 7.2
CVE-2021-1315 HIGH
Cisco RV016, RV042, RV042G, RV082, RV320, RV325 Routers - Authenticated RCE via Web Interface
CVSS 7.2
CVE-2021-1314 HIGH
Cisco RV016, RV042, RV042G, RV082, RV320, and RV325 Routers - Authenticated OS Command Injection
CVSS 7.2
CVE-2021-1221 MEDIUM
Cisco Webex Meetings <41.1.0 & Webex Meetings Server <3.0 - Authenticated Hyperlink Injection
CVSS 4.1
CVE-2021-3176 HIGH
Mitel BusinessCTI Enterprise < 6.4.15 and 7.x < 7.1.2 - Information Disclosure via HTTP Link Input Validation
CVSS 8.0
CVE-2021-3195 HIGH
Bitcoin Core < 0.21.0 - Arbitrary File Write via dumpwallet RPC Call
CVSS 7.5
CVE-2021-1250 MEDIUM
Cisco Data Center Network Manager < 11.5(1) - Cross-Site Scripting and Reflected File Download
CVSS 6.5
CVE-2021-1249 MEDIUM
Cisco Data Center Network Manager < 11.5(1) - Cross-Site Scripting and Reflected File Download
CVSS 6.5
CVE-2021-1233 MEDIUM
Cisco SD-WAN Software - Info Disclosure
CVSS 4.4
CVE-2021-1142 CRITICAL
Cisco Smart Software Manager Satellite - RCE
CVSS 9.8
CVE-2021-1141 CRITICAL
Cisco Smart Software Manager Satellite - RCE
CVSS 9.8
CVE-2021-1140 CRITICAL
Cisco Smart Software Manager Satellite - RCE
CVSS 9.8
CVE-2021-1139 CRITICAL
Cisco Smart Software Manager Satellite - RCE
CVSS 9.8
CVE-2021-1138 CRITICAL
Cisco Smart Software Manager Satellite - RCE
CVSS 9.8
CVE-2021-1305 HIGH
Cisco SD-WAN vManage Software - Authenticated Authorization Bypass and Information Disclosure
CVSS 8.8
CVE-2021-1304 HIGH
Cisco Catalyst SD-WAN Manager - Authenticated Authorization Bypass and Information Disclosure
CVSS 8.8
Details
Vulnerabilities 12,563
Exploit Likelihood High