The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-0160
HIGH
Android 10 - Denial of Service via Missing Bounds Check in SampleTable.cpp
CVSS 8.8
CVE-2020-0118
HIGH
Android 10 - Local Privilege Escalation via RegionSamplingThread Input Validation
CVSS 7.8
CVE-2020-4433
HIGH
IBM Aspera Applications - Stack-Based Buffer Overflow
CVSS 7.5
CVE-2020-1286
HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Improper File Path Validation
CVSS 8.8
CVE-2020-1239
HIGH
Windows Media Foundation - Memory Corruption
CVSS 8.8
CVE-2020-9855
HIGH
macOS < 10.15.5 - Privilege Escalation via Symlink Validation Issue
CVSS 7.8
CVE-2020-9829
MEDIUM
iPadOS < 13.5 - Denial of Service via Maliciously Crafted Text Message
CVSS 6.5
CVE-2020-9826
HIGH
iPadOS < 13.5 - Denial of Service
CVSS 7.5
CVE-2020-9803
HIGH
iCloud < 7.19 - Remote Code Execution via Malicious Web Content
CVSS 8.8
CVE-2020-9793
HIGH
iPadOS < 13.5 - Remote Code Execution
CVSS 7.8
CVE-2020-9788
HIGH
macOS < 10.15.5 - JavaScript Execution via Improper Input Validation
CVSS 7.8
CVE-2020-9792
MEDIUM
iPadOS < 13.5 - Denial of Service via USB Device Input
CVSS 4.6
CVE-2020-12803
MEDIUM
LibreOffice < 6.4.4 - Unauthenticated Arbitrary File Write via Form Submission to file: URI
CVSS 6.5
CVE-2020-13646
HIGH
Cheetah free WiFi 5.1 - Denial of Service via liebaonat.sys IOCtl Input Validation
CVSS 7.8
CVE-2020-10068
MEDIUM
Zephyr < 1.14.0 - Denial of Service via Bluetooth Packet Handling
CVSS 5.1
CVE-2020-12852
MEDIUM
Pydio Cells 2.0.4 - Authenticated Arbitrary File Write and Remote Code Execution via Update Feature
CVSS 6.8
CVE-2020-13835
CRITICAL
Samsung Android O(8.x) with TEEGRIS - Unauthenticated Brute-Force Attack on Gatekeeper Trustlet
CVSS 9.8
CVE-2020-13832
CRITICAL
Android - Arbitrary Code Execution via Widevine Trustlet Memory Disclosure
CVSS 9.8
CVE-2020-3257
HIGH
Cisco IOS - Denial of Service and Remote Code Execution
CVSS 8.1
CVE-2020-3238
HIGH
Cisco Application Framework - Privilege Escalation
CVSS 8.1
CVE-2020-3235
HIGH
Cisco IOS - Authenticated Denial of Service via SNMP Input Validation
CVSS 7.7
CVE-2020-3230
HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted IKEv2 SA-Init Packets
CVSS 7.5
CVE-2020-3228
HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted SXP Packets
CVSS 8.6
CVE-2020-3226
HIGH
Cisco IOS - Unauthenticated Denial of Service via Crafted SIP Messages
CVSS 8.6
CVE-2020-3225
HIGH
Cisco IOS - Unauthenticated Denial of Service via CIP Traffic Processing
CVSS 8.6
Details
Vulnerabilities
12,582
Exploit Likelihood
High