The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3488
HIGH
Cisco IOS XE for Catalyst 9800 Series - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 7.4
CVE-2020-3487
MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 6.5
CVE-2020-3486
MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 6.5
CVE-2020-3479
MEDIUM
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Malformed EVPN BGP Update Messages
CVSS 6.1
CVE-2020-3477
MEDIUM
Cisco IOS Software - Privilege Escalation
CVSS 5.5
CVE-2020-3475
MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web Management Framework
CVSS 4.3
CVE-2020-3474
MEDIUM
Cisco IOS XE - Authenticated Denial of Service via Web Management Framework
CVSS 4.3
CVE-2020-3465
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Ethernet Frame Handling
CVSS 7.4
CVE-2020-3429
MEDIUM
Cisco IOS XE Wireless Controller - DoS
CVSS 6.5
CVE-2020-3428
MEDIUM
Cisco IOS XE Wireless Controller Software - DoS
CVSS 6.5
CVE-2020-3426
HIGH
Cisco IOS - Unauthenticated Denial of Service or Unauthorized Data Read via VLPWA Protocol Modem Message Handling
CVSS 7.5
CVE-2020-3425
HIGH
Cisco IOS XE - Privilege Escalation
CVSS 8.8
CVE-2020-3409
HIGH
Cisco IOS Software/Cisco IOS XE Software - DoS
CVSS 7.4
CVE-2020-3393
MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.0
CVE-2020-3390
HIGH
Cisco IOS XE Wireless Controller Software DoS via Crafted 802.1x Packet
CVSS 7.4
CVE-2020-3359
HIGH
Cisco IOS XE for Catalyst 9800 Series - Unauthenticated Denial of Service via mDNS Packet
CVSS 8.6
CVE-2020-3141
HIGH
Cisco IOS XE - Privilege Escalation
CVSS 8.8
CVE-2020-6020
MEDIUM
Check Point Security Management <R80.10-0.40 - Command Injection
CVSS 6.4
CVE-2020-4324
MEDIUM
IBM Security Secret Server < 10.9 - Security Restriction Bypass via Improper Input Validation
CVSS 4.3
CVE-2020-3133
HIGH
Cisco AsyncOS Software - Auth Bypass
CVSS 7.5
CVE-2020-3130
MEDIUM
Cisco Unity Connection - File Overwrite
CVSS 6.5
CVE-2020-3116
MEDIUM
Cisco Webex Meetings Online and Webex Meetings Server - Denial of Service via Malicious UCF File Processing
CVSS 5.5
CVE-2020-4618
MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Denial of Service via Improper Input Validation
CVSS 4.9
CVE-2020-6571
MEDIUM
Google Chrome < 85.0.4183.83 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 4.3
CVE-2020-6567
MEDIUM
Google Chrome < 85.0.4183.83 - Navigation Restriction Bypass via Command Line Handling
CVSS 6.5
Details
Vulnerabilities
12,582
Exploit Likelihood
High