CWE-20

Exploit likelihood: High

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-5238 (MEDIUM, CVSS 6.5): GitHub Flavored Markdown < 0.29.0.gfm.1 - Denial of Service via Table Extension
CVE-2020-6261 (MEDIUM, CVSS 5.3): SAP Solution Manager <7.20 - Info Disclosure
CVE-2020-5970 (HIGH, CVSS 7.1): NVIDIA Virtual GPU Manager 8.x-10.x - Denial of Service via vGPU Plugin Input Validation
CVE-2020-14957 (HIGH, CVSS 7.8): Windows Cleaning Assistant 3.2 - DoS
CVE-2020-14956 (HIGH, CVSS 7.8): Windows Cleaning Assistant 3.2 - DoS
CVE-2020-3767 (MEDIUM, CVSS 6.5): ColdFusion 2016 and 2018 - Denial of Service via Insufficient Input Validation
CVE-2020-14955 (MEDIUM, CVSS 5.5): Jiangmin Antivirus <16.0.13.129 - DoS
CVE-2020-12033 (HIGH, CVSS 8.8): Rockwell FactoryTalk Services Platform - Unauthenticated Remote COM Execution
CVE-2020-14939 (HIGH, CVSS 7.8): FreedroidRPG 1.0rc2 - Remote Code Execution via Modified Saved Game File
CVE-2020-1727 (MEDIUM, CVSS 6.4): Keycloak < 9.0.2 - Improper Input Validation in Authorization URL
CVE-2020-8102 (HIGH, CVSS 8.8): Bitdefender Total Security <24.0.20.116 - RCE
CVE-2020-3676 (HIGH, CVSS 7.8): Snapdragon Auto/Mobile/Industrial IOT - Memory Corruption
CVE-2020-8184 (HIGH, CVSS 7.5): rack < 2.1.4 - Cookie Integrity Bypass via Unvalidated Prefix
CVE-2020-13961 (MEDIUM, CVSS 6.5): Strapi < 3.0.2 - Authenticated Email Template Injection via Global Variable
CVE-2020-14459 (HIGH, CVSS 7.5): Mattermost Server < 5.19.0 - Channel Rename Collision with Direct Message
CVE-2020-3368 (MEDIUM, CVSS 5.8): Cisco AsyncOS Software - Auth Bypass
CVE-2020-3263 (HIGH, CVSS 7.5): Cisco Webex Meetings Desktop App - RCE
CVE-2020-3244 (MEDIUM, CVSS 5.3): Cisco StarOS < 21.18.0 - Unauthenticated Traffic Classification Bypass via Malformed HTTP Request
CVE-2020-7504 (MEDIUM, CVSS 5.3): Easergy T300 Firmware < 1.5.2 - Denial of Service via Crafted Network Packets
CVE-2020-8543 (HIGH, CVSS 7.5): OX App Suite <7.10.3 - Info Disclosure
CVE-2020-12001 (CRITICAL, CVSS 9.8): FactoryTalk Linx 6.00-6.11 & RSLinx Classic <4.11.00 - Path Traversal & Arbitrary File Write
CVE-2020-11999 (HIGH, CVSS 8.1): FactoryTalk Linx 6.00-6.11 and RSLinx Classic <=4.11.00 - Unauthenticated Remote Code Execution via API File Processing
CVE-2020-9075 (MEDIUM, CVSS 6.5): Huawei Secospace USG6300/USG6300E/USG6600 - Information Disclosure via Insufficient Input Verification
CVE-2020-1825 (MEDIUM, CVSS 6.5): FusionAccess < 6.5.1.SPC002 - Denial of Service via Constructed Network Messages
CVE-2020-0596 (HIGH, CVSS 7.5): Intel AMT and ISM < 11.8.77 - Unauthenticated Information Disclosure via DHCPv6 Input Validation