CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-14082 CRITICAL
Qualcomm IPQ8074 MDM9206 MDM9207C MDM9607 QCN7605 SM8150 Firmware - Out-of-bounds Read in WLAN Memory Offset Handling
CVSS 9.1
CVE-2019-10577 CRITICAL
Qualcomm Snapdragon - Denial of Service via SIP URI Buffer Over-read
CVSS 9.1
CVE-2019-10552 CRITICAL
Qualcomm Snapdragon Firmware - Out-of-bounds Read in Service Reject/RAU Reject/PTMSI Realloc Command Decoding
CVSS 9.1
CVE-2019-19992 MEDIUM
Selesta Visual Access Manager 4.15.0-4.29.0 - Authenticated Arbitrary File Read via vam_editXml.php
CVSS 6.5
CVE-2019-20045 HIGH
HUSKY RTU 6049-E70 Firmware <= 5.0 - Denial of Service via Malicious Packet
CVSS 7.5
CVE-2019-19192 MEDIUM
STMicroelectronics BLE Stack <1.3.1 - DoS
CVSS 6.5
CVE-2019-13322 HIGH
Xiaomi Browser < 10.4.0 - Remote Code Execution via miui.share Application Handling
CVSS 8.8
CVE-2019-15606 CRITICAL
Node.js 10.0.0-10.18.1, 13.0.0-13.7.0 - Authorization Bypass via HTTP Header Trailing Whitespace
CVSS 9.8
CVE-2019-16152 MEDIUM
FortiClient for Linux < 6.2.1 - Denial of Service via Crafted IPC Client Requests
CVSS 6.5
CVE-2019-15624 MEDIUM
Nextcloud Server 15.0.7 - Improper Input Validation in User ID Handling
CVSS 4.9
CVE-2019-15613 HIGH
Nextcloud Server 17.0.1 - Insufficient Verification of Data Authenticity in Workflow Rules
CVSS 8.0
CVE-2019-4620 HIGH
IBM MQ Appliance <9.0 - Privilege Escalation
CVSS 7.8
CVE-2019-5464 CRITICAL
GitLab 10.2.0-11.11.7 - Server-Side Request Forgery via DNS Rebinding Protection Bypass
CVSS 9.8
CVE-2019-20430 HIGH
Lustre < 2.12.3 - Denial of Service via MDT Body eadatasize Field
CVSS 7.5
CVE-2019-16029 CRITICAL
Cisco Smart Software Manager On-Prem - DoS
CVSS 9.1
CVE-2019-16027 MEDIUM
Cisco IOS XR - Authenticated Denial of Service via SNMP OID Request Handling
CVSS 6.5
CVE-2019-16026 MEDIUM
Cisco Mobility Management Entity - DoS
CVSS 5.9
CVE-2019-16005 HIGH
Cisco Webex Video Mesh - Command Injection
CVSS 7.2
CVE-2019-1354 HIGH
Git for Visual Studio 2017 15.0-15.9.17 and 2019 16.0-16.4.0 - Remote Code Execution via Improper Input Sanitization
CVSS 8.8
CVE-2019-1352 HIGH
Visual Studio 2017 15.0-15.9.17 and 2019 16.0-16.4.0 - Remote Code Execution via Git Input Sanitization Flaw
CVSS 8.8
CVE-2019-1350 HIGH
Visual Studio 2017 15.0-15.9.17 and 2019 16.0-16.4.0 - Remote Code Execution via Git Input Sanitization Flaw
CVSS 8.8
CVE-2019-1349 HIGH
Visual Studio 2017 15.0-15.9.17 and 2019 16.0-16.4.0 - Remote Code Execution via Git Input Sanitization Flaw
CVSS 8.8
CVE-2019-19836 CRITICAL
Ruckus Wireless Unleashed < 200.7.10.202.94 - Remote Code Execution via AjaxRestrictedCmdStat
CVSS 9.8
CVE-2019-14010 HIGH
Snapdragon Auto - Buffer Overflow
CVSS 7.5
CVE-2019-9503 HIGH
Broadcom brcmfmac WiFi driver <a4176ec356c73a46c07c181c6d04039fafa3...
CVSS 7.9
Details
Vulnerabilities 12,591
Exploit Likelihood High