CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,582 vulnerabilities with CWE-20
CVE-2020-3262 HIGH
Cisco Wireless LAN Controller Firmware - Unauthenticated Denial of Service via CAPWAP Packet Handling
CVSS 7.5
CVE-2020-3252 MEDIUM
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 6.5
CVE-2020-3251 HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 8.8
CVE-2020-3250 CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3249 HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 7.5
CVE-2020-3248 CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3247 CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3243 CRITICAL
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 9.8
CVE-2020-3240 HIGH
Cisco UCS Director - Auth Bypass/Path Traversal
CVSS 7.3
CVE-2020-3239 HIGH
Cisco UCS Director/Cisco UCS Director Express - Auth Bypass/Path T...
CVSS 8.8
CVE-2020-3194 HIGH
Cisco Webex Network Recording Player < 40.2 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2020-3162 HIGH
Cisco IoT Field Network Director - DoS
CVSS 7.5
CVE-2020-3161 CRITICAL KEV
Cisco IP Phone Multiple Models Firmware - Unauthenticated RCE or DoS via HTTP
CVSS 9.8
CVE-2020-3954 MEDIUM
VMware vRealize Log Insight < 8.1.0 - Open Redirect via Improper Input Validation
CVSS 6.1
CVE-2020-3953 MEDIUM
VMware vRealize Log Insight < 8.1.0 - Stored Cross-Site Scripting via Improper Input Validation
CVSS 4.8
CVE-2020-11536 CRITICAL
ONLYOFFICE Document Server 5.5.0 - Remote Code Execution via Malicious .docx File Unzip
CVSS 9.8
CVE-2020-11534 CRITICAL
ONLYOFFICE Document Server 5.5.0 - Remote Code Execution via NSFileDownloader Function
CVSS 9.8
CVE-2020-0984 HIGH
Microsoft AutoUpdate - Elevation of Privilege via Improper Update Validation
CVSS 7.8
CVE-2020-0910 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2020-2908 HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 8.2
CVE-2020-2907 HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 7.5
CVE-2020-5260 CRITICAL
Git < 2.17.4, 2.18.0-2.18.3 - Credential Leak via Encoded Newline in URL
CVSS 9.3
CVE-2020-8324 MEDIUM
LenovoAppScenarioPluginSystem <1.2.184.31 - Code Injection
CVSS 5.0
CVE-2020-6227 HIGH
SAP BusinessObjects <4.2 - Code Injection
CVSS 7.5
CVE-2020-4151 MEDIUM
IBM QRadar SIEM 7.3.0-7.3.3 - Authenticated Unauthorized Action via Improper Input Validation
CVSS 6.5