The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3357
CRITICAL
Cisco Small Business RV340-345 - RCE/DoS
CVSS 9.8
CVE-2020-3345
MEDIUM
Cisco Webex Meetings < 40.6.0 and Webex Meetings Server < 4.0 - Cross-Site Scripting
CVSS 4.3
CVE-2020-3323
CRITICAL
Cisco Small Business RV110W-215W - RCE
CVSS 9.8
CVE-2020-14503
CRITICAL
Advantech iView < 5.6 - Remote Code Execution
CVSS 9.8
CVE-2020-1355
HIGH
Windows 10 and Windows Server 2016 - Remote Code Execution in Font Driver Host
CVSS 7.8
CVE-2020-1350
CRITICAL
KEV
Windows Server 2008, 2012, 2016, 2019 - Remote Code Execution in DNS Server
CVSS 10.0
CVE-2020-1043
CRITICAL
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input Validation
CVSS 9.0
CVE-2020-1042
CRITICAL
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input
CVSS 9.0
CVE-2020-1041
CRITICAL
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input
CVSS 9.0
CVE-2020-1040
CRITICAL
KEV
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input Validation
CVSS 9.0
CVE-2020-1036
CRITICAL
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input
CVSS 9.0
CVE-2020-1032
CRITICAL
Windows Server 2008, 2012, 2016 - Authenticated Remote Code Execution via Hyper-V RemoteFX vGPU Input
CVSS 9.0
CVE-2020-1025
CRITICAL
Microsoft SharePoint Server/Skype for Business Server - Privilege E...
CVSS 9.8
CVE-2020-7588
MEDIUM
Siemens SIMATIC Products - Partial Denial of Service via Crafted Packet
CVSS 5.3
CVE-2020-13753
CRITICAL
WebKitGTK and WPE WebKit < 2.28.3 - Sandbox Escape via CLONE_NEWUSER and TIOCSTI
CVSS 10.0
CVE-2020-8195
MEDIUM
KEV
Citrix ADC/Gateway <13.0-58.30 - Info Disclosure
CVSS 6.5
CVE-2020-8187
HIGH
Citrix ADC/Gateway <11.1-63.9, 12.0-62.10 - DoS
CVSS 7.5
CVE-2020-9258
MEDIUM
HUAWEI P30 Firmware < 10.1.0.135(C00E135R2P11) - Information Disclosure via Improper Input Validation
CVSS 5.5
CVE-2020-7814
HIGH
RAONWIZ RAON KUpload < 2018.0.2.51 - Remote Code Execution via Unvalidated File Extension
CVSS 7.8
CVE-2020-15584
MEDIUM
Android - Out-of-Bounds Access via 4K Wallpaper Image Processing
CVSS 5.5
CVE-2020-15543
CRITICAL
SolarWinds Serv-U FTP Server < 15.2.1 - Path Traversal via Unvalidated Argument
CVSS 9.8
CVE-2020-15503
HIGH
LibRaw < 0.20-RC1 - Heap-Based Buffer Overflow via Unvalidated Thumbnail Length
CVSS 7.5
CVE-2020-9497
MEDIUM
Apache Guacamole < 1.1.0 - Information Disclosure via RDP Static Virtual Channel Data
CVSS 4.4
CVE-2020-7821
HIGH
Nexacro14/17 ExtCommonApiV13 <2019.9.6 - RCE
CVSS 7.8
CVE-2020-7820
HIGH
Nexacro14/17 ExtCommonApiV13 Library <2019.9.6 - RCE
CVSS 7.8
Details
Vulnerabilities
12,582
Exploit Likelihood
High