CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-3488 HIGH
Cisco IOS XE for Catalyst 9800 Series - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 7.4
CVE-2020-3487 MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 6.5
CVE-2020-3486 MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 6.5
CVE-2020-3479 MEDIUM
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Malformed EVPN BGP Update Messages
CVSS 6.1
CVE-2020-3477 MEDIUM
Cisco IOS Software - Privilege Escalation
CVSS 5.5
CVE-2020-3475 MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web Management Framework
CVSS 4.3
CVE-2020-3474 MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web Management Framework
CVSS 4.3
CVE-2020-3465 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Ethernet Frame Handling
CVSS 7.4
CVE-2020-3429 MEDIUM
Cisco IOS XE Wireless Controller - DoS
CVSS 6.5
CVE-2020-3428 MEDIUM
Cisco IOS XE Wireless Controller Software - DoS
CVSS 6.5
CVE-2020-3426 HIGH
Cisco IOS - Unauthenticated Denial of Service or Unauthorized Data Read via VLPWA Protocol Modem Message Handling
CVSS 7.5
CVE-2020-3425 HIGH
Cisco IOS XE - Privilege Escalation
CVSS 8.8
CVE-2020-3409 HIGH
Cisco IOS Software/Cisco IOS XE Software - DoS
CVSS 7.4
CVE-2020-3393 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.0
CVE-2020-3390 HIGH
Cisco IOS XE Wireless Controller Software DoS via Crafted 802.1x Packet
CVSS 7.4
CVE-2020-3359 HIGH
Cisco IOS XE for Catalyst 9800 Series - Unauthenticated Denial of Service via mDNS Packet
CVSS 8.6
CVE-2020-3141 HIGH
Cisco IOS XE - Privilege Escalation
CVSS 8.8
CVE-2020-6020 MEDIUM
Check Point Security Management <R80.10-0.40 - Command Injection
CVSS 6.4
CVE-2020-4324 MEDIUM
IBM Security Secret Server < 10.9 - Security Restriction Bypass via Improper Input Validation
CVSS 4.3
CVE-2020-3133 HIGH
Cisco AsyncOS Software - Auth Bypass
CVSS 7.5
CVE-2020-3130 MEDIUM
Cisco Unity Connection - File Overwrite
CVSS 6.5
CVE-2020-3116 MEDIUM
Cisco Webex Meetings Online and Webex Meetings Server - Denial of Service via Malicious UCF File Processing
CVSS 5.5
CVE-2020-4618 MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Denial of Service via Improper Input Validation
CVSS 4.9
CVE-2020-6571 MEDIUM
Google Chrome < 85.0.4183.83 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 4.3
CVE-2020-6567 MEDIUM
Google Chrome < 85.0.4183.83 - Navigation Restriction Bypass via Command Line Handling
CVSS 6.5
Details
Vulnerabilities 12,582
Exploit Likelihood High