CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-11998 MEDIUM
HPE Superdome Flex Server <v3.20.206 - Info Disclosure, DoS
CVSS 5.5
CVE-2019-13524 HIGH
Emerson RX3i CPE/CRU Firmware - Denial of Service via Specially Crafted Packets
CVSS 7.5
CVE-2019-13939 HIGH
APOGEE MEC/MBC/PXC - Info Disclosure
CVSS 7.1
CVE-2019-15961 HIGH
ClamAV < 0.101.4 - Unauthenticated Denial of Service via MIME Parsing Routines
CVSS 7.5
CVE-2019-19495 CRITICAL
Technicolor TC7230 STEB 01.25 - SSRF
CVSS 9.8
CVE-2019-6529 MEDIUM
PR100088 Modbus Gateway Firmware < 1.1.13166 - Denial of Service via Crafted FTP Request
CVSS 4.9
CVE-2019-14866 HIGH
cpio < 2.13 - Improper Input Validation in TAR Archive Generation
CVSS 7.3
CVE-2019-9668 HIGH
Rovinbhandari FTP <2012-03-28 - DoS
CVSS 7.5
CVE-2019-20041 CRITICAL
WordPress < 5.3.1 - Input Validation Bypass via HTML5 Colon Named Entity
CVSS 9.8
CVE-2019-19398 CRITICAL
M5 lite 10 <8.0.0.182(C00) - Memory Corruption
CVSS 9.8
CVE-2019-5266 HIGH
Huawei Share <9.1.0.193 - Buffer Overflow
CVSS 7.5
CVE-2019-19337 MEDIUM
Red Hat Ceph Storage 3 - Authenticated Denial of Service via HTTP Content-Length Header
CVSS 6.5
CVE-2019-15915 HIGH
Xiaomi DGNWG03LM ZNCZ03LM MCCGQ01LM RTCGQ01LM Firmware - Denial of Service via ZigBee Network Discovery
CVSS 7.5
CVE-2019-15914 HIGH
Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM DoS via ZigBee Trust Center Rejoin
CVSS 7.5
CVE-2019-15912 HIGH
ASUS ZigBee Devices - Denial of Service via Trust Center Rejoin
CVSS 7.5
CVE-2019-15910 HIGH
ASUS HG100 MW100 WS-101 TS-101 AS-101 MS-101 DL-101 Firmware - Denial of Service via ZigBee Network Discovery
CVSS 7.5
CVE-2019-19902 HIGH
Backdrop CMS 1.13.0-1.13.4 and 1.14.0-1.14.1 - Authenticated Arbitrary File Upload via Configuration Archive
CVSS 7.2
CVE-2019-11108 MEDIUM
Intel CSME Firmware 12.0-12.0.45 Privilege Escalation via Input Validation
CVSS 6.7
CVE-2019-11107 CRITICAL
Intel Active Management Technology Firmware 12.0-12.0.45 - Unauthenticated Privilege Escalation via Network Access
CVSS 9.8
CVE-2019-11104 HIGH
Intel CSME and TXE Firmware - Authenticated Privilege Escalation via MEInfo Input Validation
CVSS 7.8
CVE-2019-11103 HIGH
Intel CSME Firmware 12.0-12.0.45 Privilege Escalation via Firmware Update
CVSS 7.8
CVE-2019-11102 MEDIUM
Intel Dynamic Application Loader < 11.8.70 - Information Disclosure via Insufficient Input Validation
CVSS 4.4
CVE-2019-11101 MEDIUM
Intel CSME < 11.8.70 and TXE < 3.1.70 - Authenticated Information Disclosure via Insufficient Input Validation
CVSS 4.4
CVE-2019-11100 MEDIUM
Intel AMT Firmware 11.0-11.8.70 - Unauthenticated Information Disclosure via Physical Access
CVSS 4.6
CVE-2019-11088 HIGH
Intel AMT Firmware 11.0-11.8.69 - Unauthenticated Privilege Escalation via Adjacent Access
CVSS 8.8
Details
Vulnerabilities 12,591
Exploit Likelihood High