The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3262
HIGH
Cisco Wireless LAN Controller Firmware - Unauthenticated Denial of Service via CAPWAP Packet Handling
CVSS 7.5
CVE-2020-3252
MEDIUM
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 6.5
CVE-2020-3251
HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 8.8
CVE-2020-3250
CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3249
HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 7.5
CVE-2020-3248
CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3247
CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3243
CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3240
HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 7.3
CVE-2020-3239
HIGH
Cisco UCS Director/Cisco UCS Director Express - Auth Bypass/Path T...
CVSS 8.8
CVE-2020-3194
HIGH
Cisco Webex Network Recording Player < 40.2 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2020-3162
HIGH
Cisco IoT Field Network Director - DoS
CVSS 7.5
CVE-2020-3161
CRITICAL
KEV
Cisco IP Phone Multiple Models Firmware - Unauthenticated RCE or DoS via HTTP
CVSS 9.8
CVE-2020-3954
MEDIUM
VMware vRealize Log Insight < 8.1.0 - Open Redirect via Improper Input Validation
CVSS 6.1
CVE-2020-3953
MEDIUM
VMware vRealize Log Insight < 8.1.0 - Stored Cross-Site Scripting via Improper Input Validation
CVSS 4.8
CVE-2020-11536
CRITICAL
ONLYOFFICE Document Server 5.5.0 - Remote Code Execution via Malicious .docx File Unzip
CVSS 9.8
CVE-2020-11534
CRITICAL
ONLYOFFICE Document Server 5.5.0 - Remote Code Execution via NSFileDownloader Function
CVSS 9.8
CVE-2020-0984
HIGH
Microsoft AutoUpdate - Elevation of Privilege via Improper Update Validation
CVSS 7.8
CVE-2020-0910
HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2020-2908
HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 8.2
CVE-2020-2907
HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 7.5
CVE-2020-5260
CRITICAL
Git < 2.17.4, 2.18.0-2.18.3 - Credential Leak via Encoded Newline in URL
CVSS 9.3
CVE-2020-8324
MEDIUM
LenovoAppScenarioPluginSystem <1.2.184.31 - Code Injection
CVSS 5.0
CVE-2020-6227
HIGH
SAP BusinessObjects <4.2 - Code Injection
CVSS 7.5
CVE-2020-4151
MEDIUM
IBM QRadar SIEM 7.3.0-7.3.3 - Authenticated Unauthorized Action via Improper Input Validation
CVSS 6.5
Details
Vulnerabilities
12,582
Exploit Likelihood
High