The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,563 vulnerabilities with CWE-20
CVE-2021-1060
HIGH
NVIDIA vGPU <8.6-11.3 - Buffer Overflow
CVSS 7.1
CVE-2021-1053
MEDIUM
NVIDIA GPU Driver 390-392.63 - Denial of Service via Kernel Mode Layer Pointer Validation
CVSS 5.5
CVE-2020-37216
HIGH
Hirschmann HiOS EtherNet/IP Stack Denial of Service
CVSS 7.5
CVE-2020-12487
HIGH
vivo ABE < 4.4.0.9 - OS Command Injection via Input Parameter Verification Flaw
CVSS 7.0
CVE-2020-3538
MEDIUM
Cisco Data Center Network Manager < 11.4(1) - Authenticated Path Traversal via REST API Endpoint
CVSS 4.6
CVE-2020-11850
HIGH
OpenText Self Service Password Reset < 4.5.0.2 and 4.4.0.6 - Cross-Site Scripting
CVSS 7.3
CVE-2020-26082
MEDIUM
Cisco AsyncOS < 13.5.2 - Unauthenticated Content Filter Bypass via Password-Protected Zip Files
CVSS 5.8
CVE-2020-5002
MEDIUM
IBM Financial Transaction Manager 3.2.0-3.2.10 - Authenticated Unauthorized Action via Improper Input Validation
CVSS 4.3
CVE-2020-36564
HIGH
nosurf < 1.1.1 - Improper Input Validation
CVSS 7.5
CVE-2020-35509
MEDIUM
Keycloak 11.0.3 and 12.0.0 - Improper Certificate Validation in Direct-Grant Authenticator
CVSS 5.4
CVE-2020-1756
HIGH
Moodle <3.8.2-3.5.11 - Info Disclosure
CVSS 7.2
CVE-2020-6998
MEDIUM
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 < 33 - Denial of Service via CIP Packet Request
CVSS 5.8
CVE-2020-35169
CRITICAL
Dell BSAFE <4.1.5-4.5.2 - Info Disclosure
CVSS 9.1
CVE-2020-29508
MEDIUM
Dell BSAFE <4.1.5-4.6 - Info Disclosure
CVSS 5.3
CVE-2020-29507
MEDIUM
Dell BSAFE <4.1.4-4.4 - Improper Input Validation
CVSS 5.3
CVE-2020-26185
HIGH
Dell BSAFE Micro Edition Suite < 4.5.1 - Out-of-bounds Read
CVSS 7.5
CVE-2020-29013
MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Sniffer Interface
CVSS 5.4
CVE-2020-25721
HIGH
Samba 4.13.0-4.13.13 - Improper Input Validation in Kerberos Ticket Handling
CVSS 8.8
CVE-2020-15936
LOW
FortiOS < 5.6.13 - Sensitive Information Disclosure via SNI Client Hello TLS Packets
CVSS 2.6
CVE-2020-25717
HIGH
Samba 3.0.0-4.13.13 - Authenticated Privilege Escalation via Domain User Mapping
CVSS 8.1
CVE-2020-5956
HIGH
InsydeH2O <5.1-5.4 - Code Injection
CVSS 7.5
CVE-2020-7880
HIGH
NeoRS ActiveX - Remote File Download and Execution via StartNeoRS
CVSS 7.5
CVE-2020-12961
HIGH
AMD EPYC 7003/7002/72F3/7313/7313P/7343/73F3/7413/7443/7443P/7453/74F3/7513 Firmware Privilege Escalation via SMN
CVSS 7.8
CVE-2020-12946
HIGH
AMD EPYC Firmware - Denial of Service via Discrete TPM Command Input Validation
CVSS 7.1
CVE-2020-12944
HIGH
AMD EPYC Firmware - Arbitrary Code Execution via Insufficient BIOS Image Validation
CVSS 7.8
Details
Vulnerabilities
12,563
Exploit Likelihood
High