The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,563 vulnerabilities with CWE-20
CVE-2020-15293
MEDIUM
Bitdefender Hypervisor Introspection - Denial of Service via Guest-Data Input Validation
CVSS 6.1
CVE-2020-15292
MEDIUM
Bitdefender Hypervisor Introspection - Out-of-Bounds Read and DoS
CVSS 5.5
CVE-2020-5682
HIGH
GROWI < 3.8.2 - Denial of Service via Uncontrolled Resource Consumption
CVSS 7.5
CVE-2020-25759
HIGH
D-Link DSR Unified Services Router Firmware < 3.17 - Authenticated OS Command Injection via Multipart HTTP POST Request
CVSS 8.8
CVE-2020-25757
HIGH
D-Link DSR VPN Routers < 3.17 - Unauthenticated OS Command Injection via Lua CGI
CVSS 8.8
CVE-2020-25195
HIGH
Host Engineering H0-ECOM100, H2-ECOM100, H4-ECOM100 <4.0.348/<4.0.2148 DoS via Input Length Bypass
CVSS 7.5
CVE-2020-27029
MEDIUM
Android 11 - Denial of Service via TextView Input Validation
CVSS 6.5
CVE-2020-0493
MEDIUM
Android 11 - Out-of-Bounds Read in CPDF_SampledFunc::v_Call
CVSS 5.5
CVE-2020-0368
LOW
Android 11 - Local Information Disclosure via CallLogProvider Input Validation Bypass
CVSS 3.3
CVE-2020-17444
HIGH
picoTCP < 1.7.0 - Denial of Service via IPv6 Extension Header Length Overflow
CVSS 7.5
CVE-2020-17439
HIGH
uIP 1.0 - DNS Cache Poisoning via Improper Input Validation
CVSS 8.3
CVE-2020-15375
MEDIUM
Brocade Fabric OS <9.0.0,8.2.2c,8.2.1e,8.1.2k,8.2.0_CBN3,7.4.2g - P...
CVSS 6.7
CVE-2020-4633
HIGH
IBM Resilient SOAR V38.0 - Code Injection
CVSS 8.8
CVE-2020-27828
HIGH
jasper < 2.0.23 - Arbitrary Out-of-Bounds Write via JPC Encoder
CVSS 7.8
CVE-2020-26409
MEDIUM
Gitlab CE/EE >=10.3,<13.4.7,-<13.5.5,-<13.6.2 - DoS
CVSS 4.3
CVE-2020-26270
MEDIUM
TensorFlow <1.15.5, <2.0.4, <2.1.3, <2.2.2, <2.3.2, <2.4.0 - DoS
CVSS 4.4
CVE-2020-27614
HIGH
AnyDesk <6.0.2 - Privilege Escalation
CVSS 7.8
CVE-2020-9977
MEDIUM
iPadOS < 14.2 - Unauthenticated Information Disclosure via Entitlement Verification
CVSS 5.5
CVE-2020-5680
HIGH
EC-CUBE 3.0.5-3.0.18 - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2020-9115
HIGH
Huawei ManageOne 6.5.1.1.B010-6.5.1.1.B050, 8.0.0, 8.0.1 - Authenticated Command Injection via Plugin Component
CVSS 7.2
CVE-2020-16850
HIGH
Mitsubishielectric R00cpu Firmware < 20 - Denial of Service
CVSS 7.5
CVE-2020-27253
HIGH
FactoryTalk Linx < 6.11 - Unauthenticated Denial of Service via Malicious Packet
CVSS 7.5
CVE-2020-26243
HIGH
Nanopb <0.4.4 & <0.3.9.7 - Memory Corruption
CVSS 7.5
CVE-2020-13942
CRITICAL
Apache Unomi 1.5.0-1.5.1 - Unauthenticated Remote Code Execution via /context.json Endpoint
CVSS 9.8
CVE-2020-26890
HIGH
Matrix Synapse < 1.20.0 - Denial of Service via Malformed m.room.member Event JSON Values
CVSS 7.5
Details
Vulnerabilities
12,563
Exploit Likelihood
High