The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,570 vulnerabilities with CWE-20
CVE-2020-1662
HIGH
Junos OS and Junos OS Evolved DoS via BGP Prefix Limit Exceeded
CVSS 7.5
CVE-2020-1656
HIGH
Juniper Junos - Denial of Service and Remote Code Execution via DHCPv6 Relay-Agent Service
CVSS 8.8
CVE-2020-9931
HIGH
iPadOS < 13.6 - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2020-9914
HIGH
iPadOS < 13.6 - Denial of Service via Malformed Bluetooth Packets
CVSS 7.5
CVE-2020-9870
HIGH
iPadOS < 13.6 - Arbitrary Code Execution via Pointer Authentication Bypass
CVSS 8.8
CVE-2020-15258
HIGH
Wire < 3.20.2934 - Remote Code Execution via Unvalidated URL Protocol Handling
CVSS 8.0
CVE-2020-6376
MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 5.5
CVE-2020-6375
MEDIUM
SAP 3D Visual Enterprise Viewer - <9 - DoS
CVSS 5.5
CVE-2020-6374
HIGH
SAP 3D Visual Enterprise Viewer - <9 - DoS
CVSS 7.8
CVE-2020-6373
HIGH
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 7.8
CVE-2020-6372
HIGH
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 7.8
CVE-2020-8349
CRITICAL
Lenovo CNOS REST API - Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2020-6933
MEDIUM
BlackBerry Unified Endpoint Manager <= 12.13.0 - Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2020-9110
MEDIUM
Huawei Taurus-AN00B Firmware < 10.1.0.156 - Information Disclosure via Insufficient Output Validation
CVSS 4.6
CVE-2020-9122
MEDIUM
Huawei HiRouter and WS Series Firmware - Denial of Service via LAN Input Validation
CVSS 6.5
CVE-2020-4781
MEDIUM
IBM Curam Social Program Management 7.0.9-7.0.10 - Denial of Service via Improper Input Validation
CVSS 6.5
CVE-2020-9105
MEDIUM
Huawei Taurus-AN00B Firmware < 10.1.0.156(C00E155R7P2) - Memory Access and Modification via Input Validation Bypass
CVSS 6.7
CVE-2020-3602
MEDIUM
Cisco StarOS - Privilege Escalation
CVSS 6.3
CVE-2020-3601
MEDIUM
Cisco StarOS - Privilege Escalation
CVSS 4.4
CVE-2020-3568
MEDIUM
Cisco AsyncOS < 13.5.2 - Unauthenticated URL Filter Bypass via Crafted URL
CVSS 5.8
CVE-2020-3567
MEDIUM
Cisco Industrial Network Director < 1.9.0 - Authenticated Denial of Service via REST API Request
CVSS 6.5
CVE-2020-25768
MEDIUM
Contao < 4.4.52, 4.9.x < 4.9.6, 4.10.x < 4.10.1 - Insert Tag Injection in Front End Forms
CVSS 5.3
CVE-2020-26597
HIGH
LG Mobile <Android 9.0/10 - Info Disclosure
CVSS 7.5
CVE-2020-7740
HIGH
node-pdf-generator - Server-Side Request Forgery via Unsanitized URL Content
CVSS 8.2
CVE-2020-24807
HIGH
socket.io-file < 2.0.31 - Remote Code Execution via Modified JSON Name Field
CVSS 7.8
Details
Vulnerabilities
12,570
Exploit Likelihood
High