CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-4548 LOW
IBM Content Navigator 3.0.7-3.0.8 - Authenticated Improper Input Validation
CVSS 2.7
CVE-2020-10289 HIGH
Openrobotics Robot Operating System - Insecure Deserialization
CVSS 8.8
CVE-2020-3502 MEDIUM
Cisco Webex Meetings < 39.5.24 - Authenticated Information Disclosure via Malicious URL Path Parameters
CVSS 4.1
CVE-2020-3501 MEDIUM
Cisco Webex Meetings < 39.5.24 - Authenticated Information Disclosure via Malicious URL Parameters
CVSS 4.1
CVE-2020-3435 MEDIUM
Cisco AnyConnect Secure Mobility Client for Windows - Privilege Esc...
CVSS 5.5
CVE-2020-3434 MEDIUM
Cisco AnyConnect Privilege Escalations (CVE-2020-3153 and CVE-2020-3433)
CVSS 5.5
CVE-2020-3363 HIGH
Cisco Small Business Smart and Managed Switches - DoS
CVSS 8.6
CVE-2020-13941 HIGH
Apache Solr < 8.6.0 - Unauthenticated Arbitrary File Read and Write via Replication Handler Location Parameter
CVSS 8.8
CVE-2020-15694 HIGH
Nim < 1.2.6 - Improper Input Validation in HTTP Client Response Handling
CVSS 7.5
CVE-2020-8688 HIGH
Intel RAID Web Console 3 < 7.012.016.000 - Unauthenticated Denial of Service via Network Access
CVSS 7.5
CVE-2020-12299 HIGH
Intel S2600ST/S2600BP/S2600WF BIOS < 02.01.0012 Privilege Escalation via Input Validation
CVSS 8.2
CVE-2020-0555 HIGH
Intel Wireless Bluetooth Firmware - Authenticated Privilege Escalation via Improper Input Validation
CVSS 7.8
CVE-2020-8742 MEDIUM
Intel(R) NUC - Privilege Escalation
CVSS 6.7
CVE-2020-8721 HIGH
Intel(R) Server Boards <1.59 - Privilege Escalation
CVSS 8.2
CVE-2020-8717 MEDIUM
Intel Server Boards, Systems, and Compute Modules < 1.59 - Authenticated Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2020-2035 LOW
PAN-OS - Security Policy Bypass via SNI Field in TLS Client Hello
CVSS 3.0
CVE-2020-17479 CRITICAL
jpv <2.2.2 - Info Disclosure
CVSS 9.8
CVE-2020-16227 HIGH
Delta Electronics TPEditor < 1.97 - Remote Code Execution via Crafted Project File
CVSS 7.8
CVE-2020-16215 HIGH
Advantech WebAccess HMI Designer < 2.1.9.31 - Stack-based Buffer Overflow via Crafted Project File
CVSS 7.8
CVE-2020-7459 MEDIUM
FreeBSD Buffer Overflow in USB Network Drivers
CVSS 6.8
CVE-2020-15112 MEDIUM
etcd <3.3.23, 3.4.10 - Info Disclosure
CVSS 6.5
CVE-2020-15106 MEDIUM
etcd <3.3.23-3.4.10 - Memory Corruption
CVSS 6.5
CVE-2020-8607 MEDIUM
Trend Micro Antivirus Toolkit < 1.62.1240 - Kernel Address Modification via Rootkit Protection Driver
CVSS 6.7
CVE-2020-15109 MEDIUM
Solidus <2.8.6, 2.9.6, 2.10.2 - Info Disclosure
CVSS 5.3
CVE-2020-7823 HIGH
DaviewIndy < 8.98.7 - Memory Corruption via Malformed Image File
CVSS 7.8
Details
Vulnerabilities 12,582
Exploit Likelihood High