The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-15964
HIGH
Google Chrome < 85.0.4183.121 - Remote Code Execution via Media Data Validation
CVSS 8.8
CVE-2020-25787
CRITICAL
Tiny Tiny RSS < 2020-09-16 - Server-Side Request Forgery via URL Validation Bypass
CVSS 9.8
CVE-2020-15181
CRITICAL
Alfresco Reset Password <1.2.0 - Privilege Escalation
CVSS 9.3
CVE-2020-0325
MEDIUM
Android 11 - Local Information Disclosure via NFC Bounds Check Missing
CVSS 4.4
CVE-2020-15186
LOW
Helm <2.16.11-3.3.2 - Code Injection
CVSS 3.4
CVE-2020-15184
LOW
Helm <2.16.11, <3.3.2 - Code Injection
CVSS 3.7
CVE-2020-0363
MEDIUM
Android 11 - Remote Denial of Service via Improper Input Validation in libmedia
CVSS 6.5
CVE-2020-0362
MEDIUM
Android 11 - Remote Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2020-0353
MEDIUM
Android 11 - Remote Denial of Service via libmp4extractor Resource Exhaustion
CVSS 6.5
CVE-2020-0351
MEDIUM
Android 11 - Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2020-0333
CRITICAL
Android 11 - Remote Code Execution via UrlQuerySanitizer Input Validation
CVSS 9.8
CVE-2020-0320
MEDIUM
Android 11 - Remote Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2020-0301
MEDIUM
Android 11 - Remote Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2020-0287
MEDIUM
Android 11 - Remote Denial of Service via Missing Bounds Check in libmkvextractor
CVSS 6.5
CVE-2020-0130
HIGH
Android 11 - Local Privilege Escalation via Screencap Command Injection
CVSS 7.8
CVE-2020-14338
MEDIUM
Xerces < 2.12.0.SP3 - XML Schema Validation Bypass via Grammar Pool Manipulation
CVSS 5.3
CVE-2020-24377
CRITICAL
Freebox OS < 4.2.3 - DNS Rebinding
CVSS 9.6
CVE-2020-24376
CRITICAL
Freebox Server <4.2.3 - DNS Rebinding in UPnP IGD
CVSS 9.6
CVE-2020-24374
CRITICAL
Freebox v5 <1.5.29 - DNS Rebinding
CVSS 9.6
CVE-2020-14513
HIGH
CodeMeter < 6.81 - Denial of Service via Crafted License File
CVSS 7.5
CVE-2020-10715
MEDIUM
openshift/console <4 - Content Spoofing
CVSS 4.3
CVE-2020-25614
CRITICAL
xmlquery < 1.3.1 - Denial of Service via Unchecked LoadURL Response Format
CVSS 9.8
CVE-2020-16099
MEDIUM
Gallagher Command Centre 8.20 < 8.20.1093 - Denial of Service via Guard Tour Event Reporting
CVSS 4.3
CVE-2020-13317
MEDIUM
GitLab <13.1.10-13.3.4 - Privilege Escalation
CVSS 6.5
CVE-2020-1044
MEDIUM
SQL Server Reporting Services - Auth Bypass
CVSS 4.3
Details
Vulnerabilities
12,582
Exploit Likelihood
High