CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,570 vulnerabilities with CWE-20
CVE-2020-12347 HIGH
Intel Data Center Manager < 3.6.2 - Authenticated Privilege Escalation via Network Input
CVSS 8.8
CVE-2020-12323 MEDIUM
Intel ADAS IE < 1.0.766 - Privilege Escalation via Improper Input Validation
CVSS 6.7
CVE-2020-0572 MEDIUM
Intel Server Board S2600ST and S2600WF Firmware - Privilege Escalation via Improper Input Validation
CVSS 6.7
CVE-2020-8756 MEDIUM
Intel(R) CSME <14.0.45 - Privilege Escalation
CVSS 6.7
CVE-2020-7472 CRITICAL
SugarCRM < 8.0.7, 9.0 < 9.0.4, 10.0 < 10.0.0 - Unauthenticated Remote Code Execution via Installation Component
CVSS 9.8
CVE-2020-12322 MEDIUM
Intel Wireless Bluetooth Firmware < 21.110 - Unauthenticated Denial of Service via Adjacent Access
CVSS 6.5
CVE-2020-12314 MEDIUM
Intel PROSet/Wireless WiFi < 21.110 - Unauthenticated Denial of Service via Adjacent Access
CVSS 6.5
CVE-2020-0590 HIGH
Intel Xeon Bronze/Silver/Gold Firmware - Authenticated Privilege Escalation via BIOS Input Validation
CVSS 7.8
CVE-2020-11201 HIGH
Qualcomm Snapdragon - Arbitrary DSP Memory Access via Improper Library Check
CVSS 7.8
CVE-2020-2000 HIGH
PAN-OS 8.1.0-8.1.15 - Authenticated OS Command Injection and Memory Corruption
CVSS 7.2
CVE-2020-16127 LOW
accountsservice < 0.6.55 - Denial of Service via ~/.pam_environment Symlink
CVSS 2.8
CVE-2020-26817 HIGH
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 7.8
CVE-2020-0442 HIGH
Android - Denial of Service via Malicious Contact File
CVSS 7.5
CVE-2020-8268 HIGH
json8-merge-patch < 1.0.3 - Code Injection
CVSS 7.5
CVE-2020-28349 MEDIUM
ChirpStack Network Server 3.9.0 - DoS via Malformed Uplink Frequency Attributes
CVSS 6.5
CVE-2020-3556 HIGH
Cisco AnyConnect Secure Mobility Client - Authenticated Script Execution via IPC Channel
CVSS 7.3
CVE-2020-3444 HIGH
Cisco SD-WAN Software - Auth Bypass
CVSS 7.5
CVE-2020-5643 MEDIUM
Cybozu Garoon <5.0.2 - Info Disclosure
CVSS 6.5
CVE-2020-24432 MEDIUM
Acrobat Reader DC <2020.012.20048 - RCE
CVSS 6.7
CVE-2020-24427 LOW
Acrobat Reader <2020.012.20048 - Info Disclosure
CVSS 3.3
CVE-2020-15983 HIGH
Google Chrome < 86.0.4240.75 - Content Security Policy Bypass via Crafted HTML Page
CVSS 7.8
CVE-2020-15978 HIGH
Google Chrome < 86.0.4240.75 - Navigation Restriction Bypass via Crafted HTML Page
CVSS 8.8
CVE-2020-15977 MEDIUM
Google Chrome < 86.0.4240.75 - Information Disclosure via Crafted HTML Page
CVSS 6.5
CVE-2020-28031 MEDIUM
eramba <= c2.8.1 - Authenticated HTTP Host Header Injection
CVSS 4.3
CVE-2020-3703 CRITICAL
Qualcomm Bluetooth Peripheral Firmware - Out-of-bounds Read via Invalid Opcode Length
CVSS 9.8
Details
Vulnerabilities 12,570
Exploit Likelihood High