The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3221
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Malformed Flexible NetFlow Version 9 Packet
CVSS 8.6
CVE-2020-3219
HIGH
Cisco IOS XE - Authenticated Remote Code Execution via Web UI Input Validation Bypass
CVSS 8.8
CVE-2020-3218
HIGH
Cisco IOS XE - Authenticated Remote Code Execution via Malicious File Upload
CVSS 7.2
CVE-2020-3217
HIGH
Cisco IOS - Unauthenticated Remote Code Execution or Denial of Service via Cisco Discovery Protocol Message Parsing
CVSS 8.8
CVE-2020-3215
MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.7
CVE-2020-3214
MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.7
CVE-2020-3206
MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via Spoofed 802.11w PMF
CVSS 4.7
CVE-2020-3205
HIGH
Cisco IOS for Industrial ISRs and CGR1000 - Unauthenticated OS Command Injection via Inter-VM Channel
CVSS 8.8
CVE-2020-3204
MEDIUM
Cisco IOS - Authenticated Remote Code Execution via Tcl Interpreter
CVSS 6.7
CVE-2020-3201
MEDIUM
Cisco IOS - Authenticated Denial of Service via Tcl Interpreter Input Validation
CVSS 6.0
CVE-2020-3199
HIGH
Cisco IOS - Denial of Service and Remote Code Execution
CVSS 8.8
CVE-2020-3322
LOW
Cisco Webex Network Recording Player and Webex Player - Denial of Service via Malicious ARF or WRF File
CVSS 3.3
CVE-2020-3321
LOW
Cisco Webex Player and Network Recording Player - Denial of Service via Malicious ARF or WRF File
CVSS 3.3
CVE-2020-3319
LOW
Cisco Webex Network Recording Player and Webex Player < 3.0 - Denial of Service via Malicious ARF or WRF File
CVSS 3.3
CVE-2020-3623
HIGH
Snapdragon Mobile - SM8250/SXR2130 - Info Disclosure
CVSS 7.8
CVE-2020-13401
MEDIUM
Docker Engine < 19.03.11 - IPv6 Router Advertisement Spoofing via CAP_NET_RAW
CVSS 6.0
CVE-2020-12062
HIGH
OpenSSH 8.2 - Arbitrary File Overwrite via Malicious Remote Subdirectory
CVSS 7.5
CVE-2020-6868
MEDIUM
ZTE F680 Firmware V9.0.10P1N6 - Input Validation Bypass via HTTP Proxy
CVSS 6.5
CVE-2020-13634
HIGH
Windows Master 7.99.13.604 - Denial of Service via IOCtl 0xF1002558
CVSS 7.8
CVE-2020-4231
MEDIUM
IBM Security Identity Governance and Intelligence 5.2.6 - Authenticated Command Injection via Hazardous Input Validation
CVSS 6.5
CVE-2020-12389
CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Insufficient Content Process Access Control
CVSS 10.0
CVE-2020-12388
CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Content Process Access Control
CVSS 10.0
CVE-2020-5537
CRITICAL
Cybozu Desktop for Windows <2.2.40 - RCE
CVSS 9.8
CVE-2020-3314
MEDIUM
Cisco AMP for Endpoints Mac Connector Software - DoS
CVSS 6.1
CVE-2020-3280
CRITICAL
Cisco Unified Contact Center Express 12.0-12.0(1)es03 - RCE via Insecure Java Deserialization
CVSS 9.8
Details
Vulnerabilities
12,582
Exploit Likelihood
High