The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-10971
HIGH
Wavlink Jetstream - Command Injection
CVSS 8.8
CVE-2020-6651
HIGH
Eaton Intelligent Power Manager < 1.67 - OS Command Injection via Configuration File Import
CVSS 8.8
CVE-2020-12669
HIGH
Dolibarr < 11.0.4 - Authenticated Access Control Bypass via Non-Alphanumeric Menu Parameter
CVSS 8.8
CVE-2020-3309
HIGH
Cisco Firepower Device Manager - Privilege Escalation
CVSS 7.2
CVE-2020-3307
MEDIUM
Cisco Firepower Management Center - Info Disclosure
CVSS 5.3
CVE-2020-3302
HIGH
Cisco Firepower Management Center - File Overwrite
CVSS 8.1
CVE-2020-3191
HIGH
Cisco ASA and Firepower Threat Defense - Denial of Service via IPv6 DNS Packet Length Validation
CVSS 8.6
CVE-2020-10693
MEDIUM
Hibernate Validator 6.1.2.Final - Info Disclosure
CVSS 5.3
CVE-2020-10622
HIGH
LCDS LAquis SCADA <4.3.1 - Privilege Escalation
CVSS 7.8
CVE-2020-1732
MEDIUM
Soteria <1.0.1 - Privilege Escalation
CVSS 4.2
CVE-2020-8476
MEDIUM
ABB Central Licensing Server - Unauthenticated License Tampering via Crafted Messages
CVSS 5.3
CVE-2020-8475
MEDIUM
ABB Ability System 800xA and related products - Denial of Service via Central Licensing Server Input Validation Weakness
CVSS 5.3
CVE-2020-10663
HIGH
JSON gem < 2.2.0 - Unsafe Object Creation via JSON Parsing
CVSS 7.5
CVE-2020-5565
MEDIUM
Cybozu Garoon <4.10.3 - Code Injection
CVSS 4.3
CVE-2020-1880
MEDIUM
Huawei Lion-AL00C <10.0.0.205(C00E202R7P2 - DoS
CVSS 5.5
CVE-2020-4415
CRITICAL
IBM Spectrum Protect 7.1.0.0-7.1.9.9 - Stack-Based Buffer Overflow via Improper Bounds Checking
CVSS 9.8
CVE-2020-12066
HIGH
Teeworlds 0.7.0-0.7.4 - Denial of Service via CServer::SendMsg
CVSS 7.5
CVE-2020-11008
MEDIUM
Git < 2.17.5 - Credential Leak via Malicious URL Pattern
CVSS 4.0
CVE-2020-1757
HIGH
undertow <2.0.30.SP1 - Security Bypass
CVSS 8.1
CVE-2020-11890
MEDIUM
Joomla! < 3.9.17 - Improper Input Validation in Usergroup Table
CVSS 5.3
CVE-2020-5728
MEDIUM
OpenMRS < 2.9.0 - Stored Cross-Site Scripting via Referrer Header
CVSS 6.1
CVE-2020-10211
CRITICAL
Mitel MiVoice Connect < 22.11.4900.0 - Unauthenticated Remote Code Execution via UCB URL Parameter
CVSS 9.8
CVE-2020-11007
MEDIUM
Shopizer < 2.11.0 - Improper Input Validation in Quantity Handling
CVSS 6.5
CVE-2020-3653
CRITICAL
Snapdragon Compute - Buffer Overflow
CVSS 9.1
CVE-2020-3652
CRITICAL
Windows WLAN Driver - Buffer Overflow
CVSS 9.1
Details
Vulnerabilities
12,582
Exploit Likelihood
High