CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-3451 MEDIUM
Cisco Small Business RV340 - Command Injection
CVSS 4.7
CVE-2020-24940 HIGH
Laravel < 6.18.34 and 7.x < 7.23.2 - Improper Input Validation in Mass Assignment
CVSS 7.5
CVE-2020-1890 HIGH
WhatsApp <2.20.11-2.20.2 - Open Redirect
CVSS 7.5
CVE-2020-9235 MEDIUM
Huawei Smartphones - Information Disclosure via Input Validation Error
CVSS 5.5
CVE-2020-7830 HIGH
RAONWIZ v2018.0.2.50- - Info Disclosure
CVSS 7.8
CVE-2020-5778 HIGH
Trading Technologies Messaging <7.1.28.3 - DoS
CVSS 7.5
CVE-2020-4693 CRITICAL
IBM Spectrum Protect Operations Center 7.1.0.000-7.1.10.000 - Remote Code Execution via Data Export
CVSS 9.8
CVE-2020-15704 MEDIUM
ppp < 2.4.7-1+ubuntu1.16.04.3 - Arbitrary File Read via MODPROBE_OPTIONS Environment Variable
CVSS 5.5
CVE-2020-25063 HIGH
LG Android 7.2-10 - Denial of Service via Incorrect Input Validation
CVSS 7.5
CVE-2020-25059 HIGH
LG Android 7.2-10 - Denial of Service via Incorrect Input Validation
CVSS 7.5
CVE-2020-7526 HIGH
PowerChute Business Edition < 9.1 - Remote Code Execution via Shutdown Script Execution
CVSS 8.8
CVE-2020-13465 MEDIUM
Gigadevice GD32F103 - Code Injection
CVSS 6.8
CVE-2020-13594 MEDIUM
Espressif ESP-IDF < 4.2 - Denial of Service via BLE Connection Request Channel Map
CVSS 6.5
CVE-2020-4559 HIGH
IBM Spectrum Protect 8.1.0.000-8.1.10.000 - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2020-3454 HIGH
Cisco NX-OS Software - Command Injection
CVSS 7.2
CVE-2020-3398 HIGH
Cisco NX-OS - Unauthenticated Denial of Service via BGP MVPN Update Message Parsing
CVSS 8.6
CVE-2020-3397 HIGH
Cisco NX-OS - Denial of Service via BGP MVPN Update Message
CVSS 8.6
CVE-2020-3521 MEDIUM
Cisco Data Center Network Manager < 11.4(1) - Authenticated Directory Traversal via REST API
CVSS 5.3
CVE-2020-3519 HIGH
Cisco Data Center Network Manager < 11.4(1) - Authenticated Path Traversal and Arbitrary File Write via REST API
CVSS 8.1
CVE-2020-3507 HIGH
Cisco Video Surveillance 8000 Series IP Cameras RCE and DoS via Cisco Discovery Protocol
CVSS 8.8
CVE-2020-3506 HIGH
Cisco Video Surveillance 8000 Series IP Cameras RCE and DoS via Cisco Discovery Protocol
CVSS 8.8
CVE-2020-3496 MEDIUM
Cisco Small Business Smart and Managed Switches - DoS
CVSS 5.3
CVE-2020-17393 MEDIUM
Parallels Desktop 15.1.3-47255 - Info Disclosure
CVSS 6.5
CVE-2020-16237 LOW
Philips SureSigns VS4 < a.07.107 - Improper Input Validation
CVSS 2.1
CVE-2020-24359 HIGH
HashiCorp vault-ssh-helper <0.2.0 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 12,582
Exploit Likelihood High