The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2020-5215
MEDIUM
TensorFlow < 1.15.2 - Denial of Service via String to tf.float16 Conversion
CVSS 5.0
CVE-2020-8087
CRITICAL
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA - Command Injection
CVSS 9.8
CVE-2020-3139
MEDIUM
Cisco Application Policy Infrastructure Controller < 4.2(3j) - Unauthenticated IP Table Rule Bypass
CVSS 5.3
CVE-2020-3134
MEDIUM
Cisco Email Security Appliance < 13.0 - Unauthenticated Denial of Service via Zip Decompression Engine
CVSS 6.5
CVE-2020-6965
CRITICAL
GE Healthcare ApexPro Telemetry Server < 4.2 - Authenticated Arbitrary File Upload via Software Update Mechanism
CVSS 9.9
CVE-2020-6963
CRITICAL
GE Healthcare ApexPro Telemetry Server < 4.2 - Remote Code Execution via Hardcoded SMB Credentials
CVSS 10.0
CVE-2020-6962
CRITICAL
GE Healthcare ApexPro Telemetry Server < 4.2 - Remote Code Execution via Web Configuration Utility
CVSS 10.0
CVE-2020-6638
HIGH
Grin < 2.1.1 - Improper Input Validation
CVSS 7.5
CVE-2020-7058
HIGH
Cacti 1.2.8 - Remote Code Execution via Data Input Methods Unix Ping Host
CVSS 8.8
CVE-2020-0617
MEDIUM
Microsoft Hyper-V - Denial of Service via Virtual PCI Input Validation
CVSS 6.0
CVE-2020-0606
HIGH
.NET Framework - Remote Code Execution via Unchecked File Markup
CVSS 8.8
CVE-2020-0605
HIGH
.NET Framework - Remote Code Execution via Unchecked File Source Markup
CVSS 8.8
CVE-2020-6304
HIGH
SAP NetWeaver Internet Communication Manager <7.53 - DoS
CVSS 7.5
CVE-2020-5519
CRITICAL
OpenLiteSpeed < 1.6.5 - Unauthenticated Server-Side Request Forgery via WebAdmin Console
CVSS 9.8
CVE-2019-11098
MEDIUM
EDK II - Unauthenticated Privilege Escalation, Denial of Service and Information Disclosure via Physical Access
CVSS 6.8
CVE-2019-11781
HIGH
Odoo < 12.0 - Unauthenticated Privilege Escalation via Portal Component
CVSS 8.8
CVE-2019-8857
LOW
iPadOS < 13.3 - Unintended Live Photo Data Exposure via iCloud Link Sharing
CVSS 3.3
CVE-2019-8853
MEDIUM
macOS < 10.15.4 - Unprotected Memory Exposure via Input Validation Issue
CVSS 5.5
CVE-2019-8664
MEDIUM
iPhone OS < 12.3 and watchOS < 5.2.1 - Denial of Service via Maliciously Crafted Message
CVSS 6.5
CVE-2019-8774
MEDIUM
iPadOS < 13.1 - Denial of Service via Maliciously Crafted iBooks File
CVSS 5.5
CVE-2019-8737
MEDIUM
macOS < 10.15.1 - Denial of Service via Improper Input Validation
CVSS 6.5
CVE-2019-8736
MEDIUM
macOS < 10.15 - Unprotected User Data Exposure via Input Validation Issue
CVSS 6.5
CVE-2019-8668
MEDIUM
iPhone OS < 12.4 - Denial of Service via Maliciously Crafted Image
CVSS 5.5
CVE-2019-8640
HIGH
macOS < 10.14.5 - Sandbox Restriction Bypass via Logic Issue
CVSS 7.5
CVE-2019-8633
HIGH
iPhone OS <12.3, macOS 10.13.6-10.14.5, tvOS <12.3, watchOS <5.3 - Unauthorized Memory Read
CVSS 7.5
Details
Vulnerabilities
12,591
Exploit Likelihood
High