CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,563 vulnerabilities with CWE-20
CVE-2021-1302 HIGH
Cisco Catalyst SD-WAN Manager - Authenticated Authorization Bypass and Information Disclosure
CVSS 8.8
CVE-2021-1301 CRITICAL
Cisco SD-WAN - Unauthenticated Remote Code Execution via Memory Buffer Overflow
CVSS 9.8
CVE-2021-1299 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 8.8
CVE-2021-1298 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 8.8
CVE-2021-1286 MEDIUM
Cisco Data Center Network Manager < 11.5(1) - Authenticated Cross-Site Scripting and Reflected File Download
CVSS 6.5
CVE-2021-1279 HIGH
Cisco SD-WAN - Unauthenticated Denial of Service
CVSS 8.6
CVE-2021-1263 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 7.8
CVE-2021-1262 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 7.8
CVE-2021-1261 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 7.8
CVE-2021-1260 HIGH
Cisco SD-WAN Firmware - Authenticated Command Injection
CVSS 7.8
CVE-2021-1253 MEDIUM
Cisco Data Center Network Manager < 11.5(1) - Authenticated Cross-Site Scripting and Reflected File Download
CVSS 6.5
CVE-2021-0208 HIGH
Juniper Networks Junos OS <17.3R3-S10 - DoS
CVSS 8.8
CVE-2021-23835 MEDIUM
flatcore < 2.0.0 - Authenticated Local File Disclosure via acp docs_file Parameter
CVSS 4.9
CVE-2021-1150 HIGH
Cisco Small Business RV110W-215W - Command Injection
CVSS 7.2
CVE-2021-1149 HIGH
Cisco Small Business RV110W-215W - Command Injection
CVSS 7.2
CVE-2021-1148 HIGH
Cisco Small Business RV110W-215W - Command Injection
CVSS 7.2
CVE-2021-1147 HIGH
Cisco Small Business RV110W-215W - Command Injection
CVSS 7.2
CVE-2021-1146 HIGH
Cisco Small Business RV110W-215W - Command Injection
CVSS 7.2
CVE-2021-3028 CRITICAL
git-big-picture < 1.0.0 - Remote Code Execution via Branch Name Handling
CVSS 9.8
CVE-2021-21606 MEDIUM
Jenkins < 2.263.1, < 2.274 - Unauthenticated XML File Existence Check via Fingerprint ID Validation
CVSS 4.3
CVE-2021-21464 MEDIUM
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via PCX File Parsing
CVSS 4.3
CVE-2021-0322 MEDIUM
Android 9-11 - Local Information Disclosure via SlicePermissionActivity Input Validation
CVSS 5.0
CVE-2021-0313 HIGH
Android 8.0-11 - Denial of Service in LayoutUtils.cpp Word Break Handling
CVSS 7.5
CVE-2021-1066 MEDIUM
NVIDIA vGPU Manager 8.0-8.5 and 11.0 - Denial of Service via vGPU Plugin Input Validation
CVSS 5.5
CVE-2021-1065 HIGH
NVIDIA vGPU <8.6-11.3 - Buffer Overflow
CVSS 7.1
Details
Vulnerabilities 12,563
Exploit Likelihood High