The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3272
HIGH
Cisco Prime Network Registrar - DoS
CVSS 7.5
CVE-2020-1195
MEDIUM
Microsoft Edge - Elevation of Privilege via Feedback Extension Input Validation
CVSS 5.9
CVE-2020-1173
MEDIUM
Microsoft Power BI Report Server - Spoofing via Attachment Content-Type Validation
CVSS 6.8
CVE-2020-1084
MEDIUM
Connected User Experiences and Telemetry Service - DoS
CVSS 5.5
CVE-2020-1081
HIGH
Windows Printer Service - Privilege Escalation
CVSS 7.8
CVE-2020-10738
HIGH
Moodle 3.5-3.5.11, 3.6-3.6.9, 3.7-3.7.5, 3.8-3.8.2 - Remote Code Execution via SCORM Package Web Services
CVSS 7.5
CVE-2020-6485
MEDIUM
Google Chrome < 83.0.4103.61 - Navigation Restriction Bypass via Media Router
CVSS 6.5
CVE-2020-7137
MEDIUM
HPE Superdome Flex Server Firmware < 3.25.46 - Local Privilege Escalation in RMC Component
CVSS 6.7
CVE-2020-1695
HIGH
Resteasy 3.0.0-3.11.9 and 4.0.0-4.5.9 - HTTP Response Header Injection via Improper Input Validation
CVSS 7.5
CVE-2020-4411
HIGH
IBM Spectrum Scale 4.2.0.0-4.2.3.21 and 5.0.0.0-5.0.4.3 - Denial of Service via Invalid Ioctl Arguments
CVSS 7.1
CVE-2020-10967
MEDIUM
Dovecot < 2.3.10.1 - Unauthenticated Denial of Service via Empty Localpart in Mail
CVSS 5.3
CVE-2020-13111
HIGH
NaviServer 4.99.4-4.99.19 - Denial of Service via Chunked Transfer Request
CVSS 7.5
CVE-2020-3810
MEDIUM
APT < 2.1.2 - Denial of Service via Crafted Deb File Processing
CVSS 5.5
CVE-2020-8100
CRITICAL
Bitdefender Engines < 7.84063 - Denial of Service via Crafted Sample in cevakrnl.rv0 Module
CVSS 9.0
CVE-2020-2011
HIGH
Palo Alto Networks PAN-OS 7.1.0-7.1.25 - Unauthenticated Denial of Service via Crafted Registration Request
CVSS 7.5
CVE-2020-1714
HIGH
Keycloak < 11.0.0 - Remote Code Execution via Unsafe Deserialization
CVSS 8.8
CVE-2020-7454
CRITICAL
FreeBSD Out-of-Bounds Read/Write in libalias
CVSS 9.8
CVE-2020-12742
MEDIUM
iubenda-cookie-law-solution <2.3.5 - Info Disclosure
CVSS 6.1
CVE-2020-3341
HIGH
Clam AntiVirus 0.101-0.102.2 - Unauthenticated Denial of Service via PDF Archive Parsing
CVSS 7.5
CVE-2020-3327
HIGH
Clam AntiVirus < 0.102.2 - Unauthenticated Denial of Service via ARJ Archive Parsing
CVSS 7.5
CVE-2020-6248
HIGH
SAP Adaptive Server Enterprise Backup Server 16.0 - Authenticated Code Injection via DUMP or LOAD Command
CVSS 7.2
CVE-2020-10058
HIGH
Zephyr 2.1.0 and later - Privilege Escalation via Kscan Subsystem Syscall Argument Validation
CVSS 7.8
CVE-2020-10028
HIGH
Zephyr 1.14.0 and later - Improper Input Validation in Syscalls
CVSS 7.8
CVE-2020-12752
HIGH
Samsung mobile devices P9.0-Q10.0 - Info Disclosure
CVSS 7.5
CVE-2020-7803
HIGH
IMGTech Co,Ltd Zoneplayer <2.0.1.4 - RCE
CVSS 7.8
Details
Vulnerabilities
12,582
Exploit Likelihood
High