CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-7822 HIGH
DaviewIndy < 8.98.7 - Heap-based Buffer Overflow via Malformed Image File
CVSS 7.8
CVE-2020-5771 HIGH
Teltonika TRB2_R_00.02.04.01 - Privilege Escalation
CVSS 7.5
CVE-2020-16272 CRITICAL
Kee Vault KeePassRPC < 1.12.0 - Remote Data Access and Modification via SRP-6a A=0 Parameter
CVSS 9.1
CVE-2020-3383 HIGH
Cisco Data Center Network Manager < 11.4(1) - Authenticated Path Traversal and Arbitrary File Write via Archive Utility
CVSS 8.8
CVE-2020-3375 CRITICAL
Cisco SD-WAN Solution Software - Buffer Overflow
CVSS 9.8
CVE-2020-3698 CRITICAL
Snapdragon Auto Snapdragon Compute Snapdragon Consumer Electronics ...
CVSS 9.8
CVE-2020-15099 HIGH
TYPO3 CMS >=9.0.0 <9.5.20, >=10.0.0 <10.4.6 - Info Disclosure
CVSS 8.1
CVE-2020-15098 HIGH
TYPO3 CMS >=9.0.0 <9.5.20, >=10.0.0 <10.4.6 - RCE
CVSS 8.8
CVE-2020-15086 CRITICAL
mediace 7.6.2-7.6.4 - Authenticated Remote Code Execution via Checksum Verification Bypass
CVSS 9.8
CVE-2020-7518 HIGH
Easergy Builder < 1.4.7.2 - Unauthenticated Project Configuration File Modification
CVSS 7.5
CVE-2020-10922 HIGH
C-MORE HMI EA9 Firmware <6.52 - DoS
CVSS 7.5
CVE-2020-3452 HIGH KEV
Cisco ASA 9.6-9.6.4.42 & FTD 6.2.3-6.2.3.16 Unauthenticated Path Traversal
CVSS 7.5
CVE-2020-6507 HIGH
Google Chrome < 83.0.4103.106 - Remote Code Execution via V8 Out of Bounds Write
CVSS 8.8
CVE-2020-12029 CRITICAL
Rockwell Automation FactoryTalk View SE - Unauthenticated Remote Code Execution via Crafted Filename
CVSS 9.0
CVE-2020-9255 MEDIUM
Huawei Honor 10 Firmware < 10.0.0.178(C00E178R1P4) - Denial of Service via Malicious Application
CVSS 5.5
CVE-2020-9254 HIGH
HUAWEI P30 Pro Firmware < 10.1.0.123(C432E19R2P5patch02) - Remote Code Execution via Malicious Application
CVSS 7.8
CVE-2020-7818 HIGH
DaviewIndy <8.98.9 - Buffer Overflow
CVSS 7.8
CVE-2020-1644 HIGH
Juniper Junos OS Multiple Versions and Junos OS Evolved < 20.1R2-EVO - DoS via BGP UPDATE
CVSS 7.5
CVE-2020-1640 HIGH
Juniper Junos OS - Unauthenticated Denial of Service via BGP Packet Processing
CVSS 7.5
CVE-2020-5131 HIGH
SonicWall NetExtender < 9.0.815 - Arbitrary File Write and DLL Overwrite
CVSS 7.8
CVE-2020-5130 MEDIUM
SonicOS < 6.5.4.4-44n - External Service Interaction via SSLVPN LDAP Login Request
CVSS 5.3
CVE-2020-3387 HIGH
Cisco SD-WAN vManage < 18.3.0 - Authenticated Remote Code Execution via User Authentication Processing
CVSS 8.8
CVE-2020-3379 HIGH
Cisco SD-WAN Solution Software - Privilege Escalation
CVSS 7.8
CVE-2020-3370 MEDIUM
Cisco Email Security Appliance < 13.0.1 - Unauthenticated URL Filtering Bypass via Malicious HTTP Request
CVSS 5.8
CVE-2020-3358 HIGH
Cisco RV340 RV340W RV345 RV345P Firmware < 1.0.03.18 - Unauthenticated Denial of Service via SSL VPN HTTP Request
CVSS 8.6
Details
Vulnerabilities 12,582
Exploit Likelihood High