CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,570 vulnerabilities with CWE-20
CVE-2020-1662 HIGH
Junos OS and Junos OS Evolved DoS via BGP Prefix Limit Exceeded
CVSS 7.5
CVE-2020-1656 HIGH
Juniper Junos - Denial of Service and Remote Code Execution via DHCPv6 Relay-Agent Service
CVSS 8.8
CVE-2020-9931 HIGH
iPadOS < 13.6 - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2020-9914 HIGH
iPadOS < 13.6 - Denial of Service via Malformed Bluetooth Packets
CVSS 7.5
CVE-2020-9870 HIGH
iPadOS < 13.6 - Arbitrary Code Execution via Pointer Authentication Bypass
CVSS 8.8
CVE-2020-15258 HIGH
Wire < 3.20.2934 - Remote Code Execution via Unvalidated URL Protocol Handling
CVSS 8.0
CVE-2020-6376 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 5.5
CVE-2020-6375 MEDIUM
SAP 3D Visual Enterprise Viewer - <9 - DoS
CVSS 5.5
CVE-2020-6374 HIGH
SAP 3D Visual Enterprise Viewer - <9 - DoS
CVSS 7.8
CVE-2020-6373 HIGH
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 7.8
CVE-2020-6372 HIGH
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 7.8
CVE-2020-8349 CRITICAL
Lenovo CNOS REST API - Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2020-6933 MEDIUM
BlackBerry Unified Endpoint Manager <= 12.13.0 - Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2020-9110 MEDIUM
Huawei Taurus-AN00B Firmware < 10.1.0.156 - Information Disclosure via Insufficient Output Validation
CVSS 4.6
CVE-2020-9122 MEDIUM
Huawei HiRouter and WS Series Firmware - Denial of Service via LAN Input Validation
CVSS 6.5
CVE-2020-4781 MEDIUM
IBM Curam Social Program Management 7.0.9-7.0.10 - Denial of Service via Improper Input Validation
CVSS 6.5
CVE-2020-9105 MEDIUM
Huawei Taurus-AN00B Firmware < 10.1.0.156(C00E155R7P2) - Memory Access and Modification via Input Validation Bypass
CVSS 6.7
CVE-2020-3602 MEDIUM
Cisco StarOS - Privilege Escalation
CVSS 6.3
CVE-2020-3601 MEDIUM
Cisco StarOS - Privilege Escalation
CVSS 4.4
CVE-2020-3568 MEDIUM
Cisco AsyncOS < 13.5.2 - Unauthenticated URL Filter Bypass via Crafted URL
CVSS 5.8
CVE-2020-3567 MEDIUM
Cisco Industrial Network Director < 1.9.0 - Authenticated Denial of Service via REST API Request
CVSS 6.5
CVE-2020-25768 MEDIUM
Contao < 4.4.52, 4.9.x < 4.9.6, 4.10.x < 4.10.1 - Insert Tag Injection in Front End Forms
CVSS 5.3
CVE-2020-26597 HIGH
LG Mobile <Android 9.0/10 - Info Disclosure
CVSS 7.5
CVE-2020-7740 HIGH
node-pdf-generator - Server-Side Request Forgery via Unsanitized URL Content
CVSS 8.2
CVE-2020-24807 HIGH
socket.io-file < 2.0.31 - Remote Code Execution via Modified JSON Name Field
CVSS 7.8
Details
Vulnerabilities 12,570
Exploit Likelihood High