CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-0160 HIGH
Android 10 - Denial of Service via Missing Bounds Check in SampleTable.cpp
CVSS 8.8
CVE-2020-0118 HIGH
Android 10 - Local Privilege Escalation via RegionSamplingThread Input Validation
CVSS 7.8
CVE-2020-4433 HIGH
IBM Aspera Applications - Stack-Based Buffer Overflow
CVSS 7.5
CVE-2020-1286 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Improper File Path Validation
CVSS 8.8
CVE-2020-1239 HIGH
Windows Media Foundation - Memory Corruption
CVSS 8.8
CVE-2020-9855 HIGH
macOS < 10.15.5 - Privilege Escalation via Symlink Validation Issue
CVSS 7.8
CVE-2020-9829 MEDIUM
iPadOS < 13.5 - Denial of Service via Maliciously Crafted Text Message
CVSS 6.5
CVE-2020-9826 HIGH
iPadOS < 13.5 - Denial of Service
CVSS 7.5
CVE-2020-9803 HIGH
iCloud < 7.19 - Remote Code Execution via Malicious Web Content
CVSS 8.8
CVE-2020-9793 HIGH
iPadOS < 13.5 - Remote Code Execution
CVSS 7.8
CVE-2020-9788 HIGH
macOS < 10.15.5 - JavaScript Execution via Improper Input Validation
CVSS 7.8
CVE-2020-9792 MEDIUM
iPadOS < 13.5 - Denial of Service via USB Device Input
CVSS 4.6
CVE-2020-12803 MEDIUM
LibreOffice < 6.4.4 - Unauthenticated Arbitrary File Write via Form Submission to file: URI
CVSS 6.5
CVE-2020-13646 HIGH
Cheetah free WiFi 5.1 - Denial of Service via liebaonat.sys IOCtl Input Validation
CVSS 7.8
CVE-2020-10068 MEDIUM
Zephyr < 1.14.0 - Denial of Service via Bluetooth Packet Handling
CVSS 5.1
CVE-2020-12852 MEDIUM
Pydio Cells 2.0.4 - Authenticated Arbitrary File Write and Remote Code Execution via Update Feature
CVSS 6.8
CVE-2020-13835 CRITICAL
Samsung Android O(8.x) with TEEGRIS - Unauthenticated Brute-Force Attack on Gatekeeper Trustlet
CVSS 9.8
CVE-2020-13832 CRITICAL
Android - Arbitrary Code Execution via Widevine Trustlet Memory Disclosure
CVSS 9.8
CVE-2020-3257 HIGH
Cisco IOS - Denial of Service and Remote Code Execution
CVSS 8.1
CVE-2020-3238 HIGH
Cisco Application Framework - Privilege Escalation
CVSS 8.1
CVE-2020-3235 HIGH
Cisco IOS - Authenticated Denial of Service via SNMP Input Validation
CVSS 7.7
CVE-2020-3230 HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted IKEv2 SA-Init Packets
CVSS 7.5
CVE-2020-3228 HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted SXP Packets
CVSS 8.6
CVE-2020-3226 HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted SIP Messages
CVSS 8.6
CVE-2020-3225 HIGH
Cisco IOS - Unauthenticated Denial of Service via CIP Traffic Processing
CVSS 8.6
Details
Vulnerabilities 12,582
Exploit Likelihood High