CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,563 vulnerabilities with CWE-20
CVE-2020-10001 MEDIUM
macOS < 11.1.0 - Unprotected Memory Exposure via Input Validation Issue
CVSS 5.5
CVE-2020-7839 HIGH
MaEPSBroker <2.5.0.31 - Command Injection
CVSS 8.8
CVE-2020-25097 HIGH
Squid 2.0-4.13 and 5.0-5.0.4 - HTTP Request Smuggling via uri_whitespace Configuration
CVSS 8.6
CVE-2020-29029 HIGH
Secomea GateManager < 9.4.62105402 - Cross-Site Scripting in Web GUI
CVSS 7.3
CVE-2020-28591 MEDIUM
libslic3r 1.3.0 and Master Commit 92abbc42 - Out-of-bounds Read in AMF File AMFParserContext::endElement()
CVSS 6.5
CVE-2020-11988 HIGH
Apache XmlGraphics Commons < 2.4 - Server-Side Request Forgery via XMPParser
CVSS 8.2
CVE-2020-11987 HIGH
Apache Batik < 1.13 - Server-Side Request Forgery via NodePickerPanel
CVSS 8.2
CVE-2020-29075 HIGH
Adobe Acrobat/Reader DC < 20.013.20066 & < 17.011.30180 - DNS Info Exposure
CVSS 7.1
CVE-2020-11253 HIGH
Qualcomm AQT1000 and PMx Firmware - Arbitrary Memory Write in Video Driver
CVSS 7.8
CVE-2020-11204 HIGH
Qualcomm APQ8009 Firmware - Memory Corruption and Information Leakage via Shared MSG RAM Parameters
CVSS 7.8
CVE-2020-11195 HIGH
Qualcomm APQ8009 Firmware - Out-of-bounds Read and Write in TA Command Processing
CVSS 7.8
CVE-2020-11194 HIGH
Qualcomm AQT1000 Firmware - Memory Corruption via Improper Response Buffer Length Check
CVSS 7.8
CVE-2020-7849 HIGH
uPrism.io CURIX - Unauthenticated Remote Code Execution via Crafted URL
CVSS 8.0
CVE-2020-7848 HIGH
EFM ipTIME C200 - Command Injection
CVSS 8.0
CVE-2020-24505 MEDIUM
Intel Ethernet Network Adapter 700 Firmware < 7.3 - Denial of Service via Insufficient Input Validation
CVSS 4.4
CVE-2020-24502 MEDIUM
Intel(R) Ethernet E810 Adapter <1.0.4, <1.4.29.0 - DoS
CVSS 5.5
CVE-2020-24496 MEDIUM
Intel(R) 722 Ethernet Controllers <1.4.3 - DoS
CVSS 4.4
CVE-2020-24491 MEDIUM
Intel 10th Gen Core - Info Disclosure
CVSS 4.4
CVE-2020-24453 HIGH
Intel(R) EPID SDK <8 - Privilege Escalation
CVSS 7.8
CVE-2020-24452 MEDIUM
Intel(R) SGX Platform Software - DoS
CVSS 5.5
CVE-2020-12385 HIGH
Intel(R) Graphics Drivers <26.20.100.8141 - Privilege Escalation
CVSS 7.8
CVE-2020-12377 HIGH
Intel BMC Firmware < 2.47 - Authenticated Privilege Escalation via Local Access
CVSS 7.8
CVE-2020-12366 HIGH
Intel Graphics Drivers < 27.20.100.8587 - Privilege Escalation via Insufficient Input Validation
CVSS 7.8
CVE-2020-12363 MEDIUM
Intel Graphics Drivers < 26.20.100.7212 - Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2020-7071 MEDIUM
PHP 7.3.0-7.3.25 - URL Validation Bypass via Invalid Password
CVSS 5.3
Details
Vulnerabilities 12,563
Exploit Likelihood High