CWE-20

Exploit likelihood: High

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-3272 HIGH
Cisco Prime Network Registrar - DoS
CVSS 7.5
CVE-2020-1195 MEDIUM
Microsoft Edge - Elevation of Privilege via Feedback Extension Input Validation
CVSS 5.9
CVE-2020-1173 MEDIUM
Microsoft Power BI Report Server - Spoofing via Attachment Content-Type Validation
CVSS 6.8
CVE-2020-1084 MEDIUM
Connected User Experiences and Telemetry Service - DoS
CVSS 5.5
CVE-2020-1081 HIGH
Windows Printer Service - Privilege Escalation
CVSS 7.8
CVE-2020-10738 HIGH
Moodle 3.5-3.5.11, 3.6-3.6.9, 3.7-3.7.5, 3.8-3.8.2 - Remote Code Execution via SCORM Package Web Services
CVSS 7.5
CVE-2020-6485 MEDIUM
Google Chrome < 83.0.4103.61 - Navigation Restriction Bypass via Media Router
CVSS 6.5
CVE-2020-7137 MEDIUM
HPE Superdome Flex Server Firmware < 3.25.46 - Local Privilege Escalation in RMC Component
CVSS 6.7
CVE-2020-1695 HIGH
Resteasy 3.0.0-3.11.9 and 4.0.0-4.5.9 - HTTP Response Header Injection via Improper Input Validation
CVSS 7.5
CVE-2020-4411 HIGH
IBM Spectrum Scale 4.2.0.0-4.2.3.21 and 5.0.0.0-5.0.4.3 - Denial of Service via Invalid Ioctl Arguments
CVSS 7.1
CVE-2020-10967 MEDIUM
Dovecot < 2.3.10.1 - Unauthenticated Denial of Service via Empty Localpart in Mail
CVSS 5.3
CVE-2020-13111 HIGH
NaviServer 4.99.4-4.99.19 - Denial of Service via Chunked Transfer Request
CVSS 7.5
CVE-2020-3810 MEDIUM
APT < 2.1.2 - Denial of Service via Crafted Deb File Processing
CVSS 5.5
CVE-2020-8100 CRITICAL
Bitdefender Engines < 7.84063 - Denial of Service via Crafted Sample in cevakrnl.rv0 Module
CVSS 9.0
CVE-2020-2011 HIGH
Palo Alto Networks PAN-OS 7.1.0-7.1.25 - Unauthenticated Denial of Service via Crafted Registration Request
CVSS 7.5
CVE-2020-1714 HIGH
Keycloak < 11.0.0 - Remote Code Execution via Unsafe Deserialization
CVSS 8.8
CVE-2020-7454 CRITICAL
FreeBSD Out-of-Bounds Read/Write in libalias
CVSS 9.8
CVE-2020-12742 MEDIUM
iubenda-cookie-law-solution < 2.3.5 - Info Disclosure
CVSS 6.1
CVE-2020-3341 HIGH
Clam AntiVirus 0.101-0.102.2 - Unauthenticated Denial of Service via PDF Archive Parsing
CVSS 7.5
CVE-2020-3327 HIGH
Clam AntiVirus < 0.102.2 - Unauthenticated Denial of Service via ARJ Archive Parsing
CVSS 7.5
CVE-2020-6248 HIGH
SAP Adaptive Server Enterprise Backup Server 16.0 - Authenticated Code Injection via DUMP or LOAD Command
CVSS 7.2
CVE-2020-10058 HIGH
Zephyr 2.1.0 and later - Privilege Escalation via Kscan Subsystem Syscall Argument Validation
CVSS 7.8
CVE-2020-10028 HIGH
Zephyr 1.14.0 and later - Improper Input Validation in Syscalls
CVSS 7.8
CVE-2020-12752 HIGH
Samsung mobile devices P9.0-Q10.0 - Info Disclosure
CVSS 7.5
CVE-2020-7803 HIGH
IMGTech Co,Ltd Zoneplayer < 2.0.1.4 - RCE
CVSS 7.8