CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,563 vulnerabilities with CWE-20
CVE-2020-12960 MEDIUM
AMD Radeon Software < 21.4.1 - Denial of Service via amdfender.sys InputBuffer
CVSS 5.5
CVE-2020-12929 HIGH
AMD Graphics Driver - Privilege Escalation
CVSS 7.8
CVE-2020-10054 MEDIUM
SIMATIC RTLS Locating Manager < 2.12 - Denial of Service via Large Configuration File Import
CVSS 5.5
CVE-2020-7867 HIGH
helpuviewer - Unauthenticated Arbitrary File Creation and Execution via File Transfer Menu
CVSS 8.0
CVE-2020-18685 CRITICAL
Floodlight < 1.2 - Improper Input Validation in StaticFlowEntryPusherResource
CVSS 9.8
CVE-2020-18683 CRITICAL
Floodlight < 1.2 - Improper Input Validation in StaticFlowEntryPusherResource
CVSS 9.8
CVE-2020-12080 HIGH
FlexNet Publisher 11.16.6 - Denial of Service via Message Protocol
CVSS 7.5
CVE-2020-24672 CRITICAL
Base Software for SoftControl - Code Injection
CVSS 9.8
CVE-2020-7865 HIGH
inoguard execm_coreb2b < 1.1.0.4 - Unauthenticated Arbitrary File Download and Execution via httpDownload Function
CVSS 8.8
CVE-2020-7832 HIGH
dext5 < 5.0.0.117 - Unauthenticated Arbitrary File Download and Execution via AddUploadFile
CVSS 8.8
CVE-2020-9002 HIGH
iPortalis iCS 7.1.13.0 - Privilege Escalation via UserRoleKey Manipulation
CVSS 7.5
CVE-2020-35684 HIGH
HCC Nichestack 3.0 - Out-of-Bounds Read and Write via TCP Checksum Computation
CVSS 7.5
CVE-2020-7863 HIGH
File Transfer Solution - Command Injection
CVSS 8.8
CVE-2020-7866 HIGH
XPLATFORM <9.2.2.270 - Command Injection
CVSS 8.8
CVE-2020-5321 HIGH
Dell EMC OpenManage Enterprise < 3.2 & OpenManage Enterprise-Modular < 1.10.00 - Privilege Escalation
CVSS 7.6
CVE-2020-25868 HIGH
Pexip Infinity 22.0-24.1 - Unauthenticated Denial of Service via Call Setup Input
CVSS 7.5
CVE-2020-7870 MEDIUM
unidocs ezPDF Editor < 3.0.6.5 and ezPDF Reader < 3.0.0.2 - Memory Corruption via Improper Parameter Handling
CVSS 6.4
CVE-2020-7869 CRITICAL
ZOOK - Unauthenticated Arbitrary File Creation via Tight File CMD
CVSS 9.0
CVE-2020-7871 HIGH
Cnesty Helpcom < 10.0 - Unauthenticated OS Command Injection via Insufficient Parameter Validation
CVSS 7.5
CVE-2020-7862 HIGH
HelpU Remote Control Solution - Authenticated Remote Code Execution via Customer Process Communication
CVSS 7.0
CVE-2020-27339 MEDIUM
Insyde InsydeH2O 5.x < 5.34.44 - Memory Corruption via SMM Driver CommBuffer Validation
CVSS 6.7
CVE-2020-12986 HIGH
AMD Radeon Pro Software < 21.q1 & Radeon Software < 20.7.1 - Kernel Code Execution via Pointer Validation
CVSS 7.8
CVE-2020-12985 HIGH
AMD Graphics Driver - Privilege Escalation/DoS
CVSS 7.8
CVE-2020-8700 MEDIUM
Intel(R) Processors - Privilege Escalation
CVSS 6.7
CVE-2020-24486 MEDIUM
Intel BIOS - Authenticated Denial of Service via Improper Input Validation
CVSS 5.5
Details
Vulnerabilities 12,563
Exploit Likelihood High