CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,570 vulnerabilities with CWE-20
CVE-2020-11156 HIGH
Qualcomm Bluetooth Firmware - Out-of-bounds Read in L2CAP Packet Length Handling
CVSS 8.1
CVE-2020-11141 HIGH
Qualcomm Firmware - Bluetooth L2CAP Out-of-bounds Read
CVSS 8.1
CVE-2020-8255 MEDIUM
Pulse Connect Secure <9.1R9 - Info Disclosure
CVSS 4.9
CVE-2020-25765 CRITICAL
Western Digital My Cloud Firmware < 5.04.114 - Remote Code Execution via reg_device.php Input Validation
CVSS 9.8
CVE-2020-9906 CRITICAL
iPadOS < 13.6 - Remote Denial of Service and Memory Corruption
CVSS 9.1
CVE-2020-9853 HIGH
macOS < 10.15.4 - Kernel Memory Layout Exposure via Improper Input Validation
CVSS 7.8
CVE-2020-3898 HIGH
macOS Catalina <10.15.4 - Privilege Escalation
CVSS 7.8
CVE-2020-3577 HIGH
Cisco Firepower Threat Defense < 6.3.0.6 - Unauthenticated Denial of Service via Malicious Ethernet Frames
CVSS 7.4
CVE-2020-3571 HIGH
Cisco Firepower Threat Defense 6.3.0-6.3.0.5 - Unauthenticated Denial of Service via ICMP Packet Processing
CVSS 8.6
CVE-2020-3317 HIGH
Cisco Firepower Threat Defense - DoS
CVSS 7.5
CVE-2020-3304 HIGH
Cisco Adaptive Security Appliance and Firepower Threat Defense - Unauthenticated Denial of Service via HTTP Request
CVSS 8.6
CVE-2020-6366 MEDIUM
SAP NetWeaver Compare Systems 7.20-7.50 - Authenticated Arbitrary File Read and Denial of Service via XML Upload
CVSS 6.5
CVE-2020-15256 HIGH
object-path <= 0.11.4 - Prototype Pollution
CVSS 7.7
CVE-2020-24388 HIGH
yubihsm-shell < 2.0.2 - Denial of Service via Unvalidated Message Length Field
CVSS 7.5
CVE-2020-11496 MEDIUM
Sprecher SPRECON-E < 8.64b - Arbitrary Code Execution via Malicious PDL Parameter Files
CVSS 6.7
CVE-2020-24649 CRITICAL
HPE Intelligent Management Center <PLAT 7.3 - RCE
CVSS 9.8
CVE-2020-24647 CRITICAL
HPE Intelligent Management Center <7.3 - RCE
CVSS 9.8
CVE-2020-1167 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Malicious File
CVSS 7.8
CVE-2020-16968 HIGH
Windows 10 - Remote Code Execution via Specially Crafted File
CVSS 7.8
CVE-2020-16891 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Guest OS Input Validation
CVSS 8.8
CVE-2020-1682 MEDIUM
Juniper Junos OS - Denial of Service via Maintenance Commands
CVSS 5.5
CVE-2020-1679 HIGH
Juniper Junos OS PTX/QFX Series DoS via Malformed Packet Sampling
CVSS 7.5
CVE-2020-1677 HIGH
Juniper Mist Cloud UI < 2020-09-02 - SAML Authentication Bypass via Modified SAML Response
CVSS 7.2
CVE-2020-1676 HIGH
Juniper Mist Cloud UI < 2020-09-02 - SAML Authentication Bypass via Modified SAML Response
CVSS 7.2
CVE-2020-1672 HIGH
Juniper Junos OS - Denial of Service via Crafted DHCPv6 Packet
CVSS 7.5