The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2020-10236
MEDIUM
Froxlor < 0.10.14 - Information Disclosure and Denial of Service via Static /tmp File Creation
CVSS 6.1
CVE-2020-10101
HIGH
Zammad 3.0-3.2 - Denial of Service via Non-JSON WebSocket Message
CVSS 7.5
CVE-2020-3164
MEDIUM
Cisco Email Security Appliance < 13.0.0-392 - Unauthenticated Denial of Service via HTTP Request Header
CVSS 5.3
CVE-2020-3128
HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2020-3127
HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2020-5403
HIGH
Reactor Netty HttpServer 0.9.3-0.9.4 - Denial of Service via URISyntaxException
CVSS 7.5
CVE-2020-6797
MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Arbitrary Application Launch via .fileloc Extension
CVSS 4.3
CVE-2020-8132
CRITICAL
pdf-image <= 2.0.0 - Remote Code Execution via Untrusted PDF File Path
CVSS 9.8
CVE-2020-9430
HIGH
Wireshark 2.6.0-2.6.14, 3.0.0-3.0.8, 3.2.0-3.2.1 - Denial of Service in WiMax DLMAP Dissector
CVSS 7.5
CVE-2020-3860
HIGH
iOS <13.3.1-iPadOS <13.3.1-watchOS <6.1.2 - Memory Corruption
CVSS 7.8
CVE-2020-3856
HIGH
iPadOS < 13.3.1 - Memory Corruption via Maliciously Crafted String
CVSS 7.8
CVE-2020-3846
HIGH
iCloud < 7.17 - Buffer Overflow via Malicious XML Processing
CVSS 8.8
CVE-2020-3839
MEDIUM
macOS Catalina <10.15.3 - Info Disclosure
CVSS 5.5
CVE-2020-3172
HIGH
Cisco FXOS/NX-OS RCE/DoS via Cisco Discovery Protocol
CVSS 8.8
CVE-2020-3170
MEDIUM
Cisco NX-OS < 8.4(1) - Unauthenticated Denial of Service via NX-API HTTP Header
CVSS 5.3
CVE-2020-3166
MEDIUM
Cisco FXOS Software - Privilege Escalation
CVSS 6.7
CVE-2020-4212
CRITICAL
IBM Spectrum Protect 10.1.0-10.1.5 - Remote Code Execution via HTTP Command
CVSS 9.8
CVE-2020-5243
MEDIUM
uap-core < 0.7.3 - Denial of Service via User-Agent Regex Processing
CVSS 5.7
CVE-2020-6977
MEDIUM
GE Ultrasound Products - Desktop Environment Escape
CVSS 6.8
CVE-2020-3160
MEDIUM
Cisco Meeting Server < 2.8.0 - Unauthenticated Denial of Service via XMPP Packet Input Validation
CVSS 5.3
CVE-2020-1811
HIGH
GaussDB 200 <6.5.1 - Command Injection
CVSS 8.8
CVE-2020-1828
HIGH
Huawei NIP6800 <V500R001C30-V500R005C00 & Secospace USG6600/9500 <V...
CVSS 7.5
CVE-2020-9013
MEDIUM
Arvato Skillpipe 3.0 - Unauthenticated Print Restriction Bypass via Watermark Div Removal
CVSS 4.3
CVE-2020-8843
HIGH
Istio 1.3.0-1.3.6 - Policy Bypass via x-istio-attributes Header
CVSS 7.4
CVE-2020-8614
CRITICAL
Askey AP4000W TDC_V1.01.003 - Remote Code Execution via bd_svr Service
CVSS 9.8
Details
Vulnerabilities
12,591
Exploit Likelihood
High