The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-5238
MEDIUM
GitHub Flavored Markdown < 0.29.0.gfm.1 - Denial of Service via Table Extension
CVSS 6.5
CVE-2020-6261
MEDIUM
SAP Solution Manager <7.20 - Info Disclosure
CVSS 5.3
CVE-2020-5970
HIGH
NVIDIA Virtual GPU Manager 8.x-10.x - Denial of Service via vGPU Plugin Input Validation
CVSS 7.1
CVE-2020-14957
HIGH
Windows Cleaning Assistant 3.2 - DoS
CVSS 7.8
CVE-2020-14956
HIGH
Windows Cleaning Assistant 3.2 - DoS
CVSS 7.8
CVE-2020-3767
MEDIUM
ColdFusion 2016 and 2018 - Denial of Service via Insufficient Input Validation
CVSS 6.5
CVE-2020-14955
MEDIUM
Jiangmin Antivirus <16.0.13.129 - DoS
CVSS 5.5
CVE-2020-12033
HIGH
Rockwell FactoryTalk Services Platform - Unauthenticated Remote COM Execution
CVSS 8.8
CVE-2020-14939
HIGH
FreedroidRPG 1.0rc2 - Remote Code Execution via Modified Saved Game File
CVSS 7.8
CVE-2020-1727
MEDIUM
Keycloak < 9.0.2 - Improper Input Validation in Authorization URL
CVSS 6.4
CVE-2020-8102
HIGH
Bitdefender Total Security <24.0.20.116 - RCE
CVSS 8.8
CVE-2020-3676
HIGH
Snapdragon Auto/Mobile/Industrial IOT - Memory Corruption
CVSS 7.8
CVE-2020-8184
HIGH
rack < 2.1.4 - Cookie Integrity Bypass via Unvalidated Prefix
CVSS 7.5
CVE-2020-13961
MEDIUM
Strapi < 3.0.2 - Authenticated Email Template Injection via Global Variable
CVSS 6.5
CVE-2020-14459
HIGH
Mattermost Server < 5.19.0 - Channel Rename Collision with Direct Message
CVSS 7.5
CVE-2020-3368
MEDIUM
Cisco AsyncOS Software - Auth Bypass
CVSS 5.8
CVE-2020-3263
HIGH
Cisco Webex Meetings Desktop App - RCE
CVSS 7.5
CVE-2020-3244
MEDIUM
Cisco StarOS < 21.18.0 - Unauthenticated Traffic Classification Bypass via Malformed HTTP Request
CVSS 5.3
CVE-2020-7504
MEDIUM
Easergy T300 Firmware < 1.5.2 - Denial of Service via Crafted Network Packets
CVSS 5.3
CVE-2020-8543
HIGH
OX App Suite <7.10.3 - Info Disclosure
CVSS 7.5
CVE-2020-12001
CRITICAL
FactoryTalk Linx 6.00-6.11 & RSLinx Classic <4.11.00 - Path Traversal & Arbitrary File Write
CVSS 9.8
CVE-2020-11999
HIGH
FactoryTalk Linx 6.00-6.11 and RSLinx Classic <=4.11.00 - Unauthenticated Remote Code Execution via API File Processing
CVSS 8.1
CVE-2020-9075
MEDIUM
Huawei Secospace USG6300/USG6300E/USG6600 - Information Disclosure via Insufficient Input Verification
CVSS 6.5
CVE-2020-1825
MEDIUM
FusionAccess < 6.5.1.SPC002 - Denial of Service via Constructed Network Messages
CVSS 6.5
CVE-2020-0596
HIGH
Intel AMT and ISM < 11.8.77 - Unauthenticated Information Disclosure via DHCPv6 Input Validation
CVSS 7.5
Details
Vulnerabilities
12,582
Exploit Likelihood
High