CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-0904 MEDIUM
Windows 10 and Windows Server 2016/2019 - Denial of Service via Hyper-V Guest Input Validation
CVSS 6.5
CVE-2020-9239 MEDIUM
Huawei Smartphones - Information Disclosure via Improper Input Validation
CVSS 5.5
CVE-2020-16216 MEDIUM
Philips IntelliVue Patient Monitors - Denial of Service via Improper Input Validation
CVSS 6.5
CVE-2020-15170 HIGH
apollo-adminservice <1.7.1 - Privilege Escalation
CVSS 7.0
CVE-2020-15168 LOW
node-fetch <2.6.1,3.0.0-beta.9 - Info Disclosure
CVSS 2.6
CVE-2020-9743 MEDIUM
Adobe Experience Manager <= 6.5.5.0 - Unauthenticated HTML Injection in Content Editor
CVSS 5.3
CVE-2020-24074 CRITICAL
silk-v3-decoder <20160922 - Buffer Overflow
CVSS 9.8
CVE-2020-6348 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6344 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6338 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6334 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6333 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6332 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-6314 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - DoS
CVSS 4.3
CVE-2020-3617 HIGH
Snapdragon Compute - Buffer Overflow
CVSS 7.1
CVE-2020-3648 HIGH
Qualcomm MSM8909W Firmware - Out-of-Bounds Write in DSP Driver
CVSS 7.8
CVE-2020-3621 MEDIUM
Snapdragon Auto - Memory Corruption
CVSS 5.5
CVE-2020-11118 HIGH
Snapdragon Auto et al - Info Disclosure
CVSS 7.5
CVE-2020-15709 MEDIUM
add-apt-repository < 0.92.37.8ubuntu0.1~esm1 - Terminal Content Manipulation via ANSI Escape Sequences
CVSS 5.5
CVE-2020-3546 MEDIUM
Cisco AsyncOS < 13.5.1 - Unauthenticated Sensitive Information Disclosure via Web Interface Request
CVSS 5.3
CVE-2020-3542 MEDIUM
Cisco Webex Training < 40.7.6 - Authenticated Meeting Password Bypass via API Request
CVSS 5.3
CVE-2020-3498 MEDIUM
Cisco Jabber 12.1-12.1.2 - Authenticated Information Disclosure via Message Content
CVSS 6.5
CVE-2020-3495 CRITICAL
Cisco Jabber 12.1-12.1.3 - Authenticated Remote Code Execution via XMPP Message
CVSS 9.9
CVE-2020-3478 HIGH
Cisco Enterprise NFV Infrastructure Software 3.5.1-4.1.2 - Authenticated Arbitrary File Write via REST API
CVSS 8.1
CVE-2020-3453 MEDIUM
Cisco Small Business RV340 - Command Injection
CVSS 4.7
Details
Vulnerabilities 12,582
Exploit Likelihood High