CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2020-1976 MEDIUM
GlobalProtect 5.0-5.0.5 - Authenticated Denial of Service
CVSS 4.7
CVE-2020-6192 HIGH
SAP Landscape Management <3.0 - Command Injection
CVSS 7.2
CVE-2020-6191 HIGH
SAP Landscape Management <3.0 - Privilege Escalation
CVSS 7.2
CVE-2020-6177 MEDIUM
SAP Mobile Platform 3.0 - Denial of Service via XML Input Validation
CVSS 4.3
CVE-2020-7957 MEDIUM
Dovecot 2.3.9-2.3.9.3 - Denial of Service in IMAP and LMTP Snippet Generation
CVSS 5.3
CVE-2020-8815 HIGH
BearFTP < 0.3.1 - Denial of Service via Slowloris Packet Flood
CVSS 7.5
CVE-2020-2110 HIGH
Jenkins Script Security Plugin < 1.69 - Sandbox Bypass via AST Transforming Annotations
CVSS 8.8
CVE-2020-2109 HIGH
Jenkins Pipeline < 2.78 - Sandbox Protection Bypass via Default Parameter Expressions
CVSS 8.8
CVE-2020-0751 MEDIUM
Windows 10 and Windows Server 2016 - Denial of Service via Hyper-V Input Validation Failure
CVSS 6.0
CVE-2020-0661 MEDIUM
Windows 10 and Windows Server 2016/2019 - Denial of Service via Hyper-V Input Validation
CVSS 6.8
CVE-2020-6416 HIGH
Google Chrome <80.0.3987.87 - Heap Corruption
CVSS 8.8
CVE-2020-6412 MEDIUM
Google Chrome < 80.0.3987.87 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 5.4
CVE-2020-6411 MEDIUM
Google Chrome < 80.0.3987.87 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 5.4
CVE-2020-6402 HIGH
Google Chrome < 80.0.3987.87 - Arbitrary Code Execution via Malicious Extension
CVSS 8.8
CVE-2020-6401 MEDIUM
Google Chrome < 80.0.3987.87 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 6.5
CVE-2020-6399 MEDIUM
Google Chrome <80.0.3987.87 - Info Disclosure
CVSS 6.5
CVE-2020-3111 HIGH
Cisco IP Phone Firmware - Remote Code Execution or DoS via Cisco Discovery Protocol
CVSS 8.8
CVE-2020-3110 HIGH
Cisco Video Surveillance 8000 Series - RCE
CVSS 8.8
CVE-2020-8517 HIGH
Squid < 4.10 - Denial of Service via NTLM Credentials Buffer Overflow
CVSS 7.5
CVE-2020-8125 CRITICAL
klona < 1.1.0 - Prototype Pollution via Input Validation Flaw
CVSS 9.8
CVE-2020-8124 MEDIUM
url-parse < 1.4.4 - Security Check Bypass via Insufficient Input Validation
CVSS 5.3
CVE-2020-8122 MEDIUM
Nextcloud Server <14.0.3 - Info Disclosure
CVSS 4.3
CVE-2020-8095 MEDIUM
Bitdefender Total Security 2020 - DoS
CVSS 4.9
CVE-2020-3147 HIGH
Cisco Small Business Switches - DoS
CVSS 7.5
CVE-2020-8445 CRITICAL
OSSEC-HIDS <3.5.0 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities 12,591
Exploit Likelihood High