CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-10971 HIGH
Wavlink Jetstream - Command Injection
CVSS 8.8
CVE-2020-6651 HIGH
Eaton Intelligent Power Manager < 1.67 - OS Command Injection via Configuration File Import
CVSS 8.8
CVE-2020-12669 HIGH
Dolibarr < 11.0.4 - Authenticated Access Control Bypass via Non-Alphanumeric Menu Parameter
CVSS 8.8
CVE-2020-3309 HIGH
Cisco Firepower Device Manager - Privilege Escalation
CVSS 7.2
CVE-2020-3307 MEDIUM
Cisco Firepower Management Center - Info Disclosure
CVSS 5.3
CVE-2020-3302 HIGH
Cisco Firepower Management Center - File Overwrite
CVSS 8.1
CVE-2020-3191 HIGH
Cisco ASA and Firepower Threat Defense - Denial of Service via IPv6 DNS Packet Length Validation
CVSS 8.6
CVE-2020-10693 MEDIUM
Hibernate Validator 6.1.2.Final - Info Disclosure
CVSS 5.3
CVE-2020-10622 HIGH
LCDS LAquis SCADA < 4.3.1 - Privilege Escalation
CVSS 7.8
CVE-2020-1732 MEDIUM
Soteria < 1.0.1 - Privilege Escalation
CVSS 4.2
CVE-2020-8476 MEDIUM
ABB Central Licensing Server - Unauthenticated License Tampering via Crafted Messages
CVSS 5.3
CVE-2020-8475 MEDIUM
ABB Ability System 800xA and related products - Denial of Service via Central Licensing Server Input Validation Weakness
CVSS 5.3
CVE-2020-10663 HIGH
JSON gem < 2.2.0 - Unsafe Object Creation via JSON Parsing
CVSS 7.5
CVE-2020-5565 MEDIUM
Cybozu Garoon < 4.10.3 - Code Injection
CVSS 4.3
CVE-2020-1880 MEDIUM
Huawei Lion-AL00C < 10.0.0.205(C00E202R7P2) - DoS
CVSS 5.5
CVE-2020-4415 CRITICAL
IBM Spectrum Protect 7.1.0.0-7.1.9.9 - Stack-Based Buffer Overflow via Improper Bounds Checking
CVSS 9.8
CVE-2020-12066 HIGH
Teeworlds 0.7.0-0.7.4 - Denial of Service via CServer::SendMsg
CVSS 7.5
CVE-2020-11008 MEDIUM
Git < 2.17.5 - Credential Leak via Malicious URL Pattern
CVSS 4.0
CVE-2020-1757 HIGH
undertow < 2.0.30.SP1 - Security Bypass
CVSS 8.1
CVE-2020-11890 MEDIUM
Joomla! < 3.9.17 - Improper Input Validation in Usergroup Table
CVSS 5.3
CVE-2020-5728 MEDIUM
OpenMRS < 2.9.0 - Stored Cross-Site Scripting via Referrer Header
CVSS 6.1
CVE-2020-10211 CRITICAL
Mitel MiVoice Connect < 22.11.4900.0 - Unauthenticated Remote Code Execution via UCB URL Parameter
CVSS 9.8
CVE-2020-11007 MEDIUM
Shopizer < 2.11.0 - Improper Input Validation in Quantity Handling
CVSS 6.5
CVE-2020-3653 CRITICAL
Snapdragon Compute - Buffer Overflow
CVSS 9.1
CVE-2020-3652 CRITICAL
Windows WLAN Driver - Buffer Overflow
CVSS 9.1