The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,582 vulnerabilities with CWE-20
CVE-2020-3126
LOW
Cisco Webex Meetings Server - Authenticated Security Bypass via Multimedia Viewer Missing Warning Dialog
CVSS 3.0
CVE-2020-1633
HIGH
Junos OS 17.4-19.2 - Denial of Service via NDP Proxy Feature
CVSS 7.4
CVE-2020-1619
MEDIUM
Juniper Junos OS - Authenticated Privilege Escalation via NG-RE vmhost Access
CVSS 6.0
CVE-2020-1986
MEDIUM
Secdo - Authenticated Denial of Service via Improper Input Validation
CVSS 5.5
CVE-2020-1984
HIGH
Secdo - Privilege Escalation via Hardcoded Script Path
CVSS 7.8
CVE-2020-7614
CRITICAL
npm-programmatic < 0.0.12 - OS Command Injection via Unvalidated Package and Option Properties
CVSS 9.8
CVE-2020-8147
CRITICAL
utils-extend < 1.0.8 - Prototype Pollution leading to Remote Code Execution or Denial of Service
CVSS 9.8
CVE-2020-3850
CRITICAL
macOS Catalina <10.15.3 - Memory Corruption
CVSS 9.8
CVE-2020-3849
CRITICAL
macOS Catalina <10.15.3 - Memory Corruption
CVSS 9.8
CVE-2020-3848
CRITICAL
macOS Catalina <10.15.3 - Memory Corruption
CVSS 9.8
CVE-2020-3847
CRITICAL
macOS Catalina <10.15.3 - Info Disclosure
CVSS 9.8
CVE-2020-10204
HIGH
Sonatype Nexus < 3.21.2 - Remote Code Execution
CVSS 7.2
CVE-2020-3905
HIGH
macOS Catalina <10.15.4 - Memory Corruption
CVSS 7.8
CVE-2020-3893
HIGH
macOS Catalina <10.15.4 - Memory Corruption
CVSS 7.8
CVE-2020-3892
HIGH
macOS Catalina <10.15.4 - Memory Corruption
CVSS 7.8
CVE-2020-3884
MEDIUM
macOS Catalina <10.15.4 - Code Injection
CVSS 6.1
CVE-2020-4214
HIGH
IBM Spectrum Protect Plus 10.1.0-10.1.5 - Unauthenticated Arbitrary Directory Deletion via Improper Input Validation
CVSS 7.5
CVE-2020-4206
HIGH
IBM Spectrum Protect Plus 10.1.0-10.1.5 - Remote Code Execution via Improper Input Validation
CVSS 8.8
CVE-2020-10374
CRITICAL
Paessler PRTG Network Monitor 19.2.50-20.1.56 - Unauthenticated Remote Code Execution via Screenshot Function
CVSS 9.8
CVE-2020-5255
LOW
Symfony <4.4.7, <5.0.7 - Info Disclosure
CVSS 2.6
CVE-2020-10885
CRITICAL
TP-Link Archer A7 Firmware <190726 - RCE
CVSS 9.8
CVE-2020-2168
HIGH
Jenkins Azure Container Service Plugin <= 1.0.1 - Remote Code Execution via YAML Parser
CVSS 8.8
CVE-2020-2167
HIGH
Jenkins OpenShift Pipeline Plugin <= 1.0.56 - Remote Code Execution via YAML Parser
CVSS 8.8
CVE-2020-2166
HIGH
Jenkins Pipeline: AWS Steps Plugin < 1.40 - Remote Code Execution via YAML Deserialization
CVSS 8.8
CVE-2020-5555
CRITICAL
Shihonkanri Plus GOOUT - Info Disclosure
CVSS 9.1
Details
Vulnerabilities
12,582
Exploit Likelihood
High