CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-11087 MEDIUM
Intel CSME < 11.8.70 and TXE < 3.1.70 - Privilege Escalation via Insufficient Input Validation
CVSS 6.7
CVE-2019-11086 MEDIUM
Intel Active Management Technology Firmware 12.0-12.0.45 - Unauthenticated Privilege Escalation via Physical Access
CVSS 6.8
CVE-2019-0168 MEDIUM
Intel CSME <11.8.70/12.0.45/13.0.10 & TXE <3.1.70/4.0.20 - Information Disclosure
CVSS 4.4
CVE-2019-0166 HIGH
Intel Active Management Technology Firmware 11.0-11.8.69 - Unauthenticated Information Disclosure via Network Access
CVSS 7.5
CVE-2019-0165 MEDIUM
Intel Converged Security Management Engine Firmware 12.0-12.0.45 - Denial of Service via Insufficient Input Validation
CVSS 4.4
CVE-2019-0131 HIGH
Intel AMT Firmware 11.0-11.8.70 - Unauthenticated Denial of Service or Information Disclosure via Adjacent Access
CVSS 8.1
CVE-2019-18995 MEDIUM
ABB PB610 Panel Builder <2.8.0.424 - DoS
CVSS 4.3
CVE-2019-18994 LOW
ABB PB610 Panel Builder <2.8.0.424 - DoS
CVSS 3.9
CVE-2019-8817 MEDIUM
macOS < 10.15.1 - Unauthorized Memory Read via Input Validation Issue
CVSS 5.5
CVE-2019-8802 HIGH
macOS < 10.15.1 - Privilege Escalation
CVSS 7.8
CVE-2019-8794 MEDIUM
iPadOS < 13.2 - Unauthorized Memory Read via Input Validation Issue
CVSS 5.5
CVE-2019-8788 HIGH
iPadOS < 13.2 - Data Exfiltration via URL Parsing Issue
CVSS 7.5
CVE-2019-8724 HIGH
Xcode < 11.0 - Arbitrary Code Execution via ld64 Input Validation Issue
CVSS 8.8
CVE-2019-8723 HIGH
Xcode < 11.0 - Arbitrary Code Execution via ld64 Input Validation Issue
CVSS 8.8
CVE-2019-8722 HIGH
Xcode < 11.0 - Arbitrary Code Execution via ld64 Input Validation Issue
CVSS 8.8
CVE-2019-8721 HIGH
Xcode < 11.0 - Arbitrary Code Execution via ld64 Input Validation Issue
CVSS 8.8
CVE-2019-8711 MEDIUM
iPhone OS < 13.0 - Unprotected Notification Preview Exposure via Bluetooth Accessory
CVSS 5.3
CVE-2019-8698 LOW
iPhone OS < 12.4 - Entitlement Verification Bypass
CVSS 3.3
CVE-2019-8670 MEDIUM
Safari < 12.1.2 - Address Bar Spoofing via Inconsistent UI State
CVSS 4.3
CVE-2019-8665 HIGH
iPhone OS < 12.4 and watchOS < 5.3 - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2019-8654 MEDIUM
Safari < 13.0.1 - User Interface Spoofing via State Management Issue
CVSS 6.5
CVE-2019-8637 HIGH
iPhone OS < 12.3 - Privilege Escalation
CVSS 7.8
CVE-2019-8626 MEDIUM
iPhone OS < 12.3 and watchOS < 5.2.1 - Denial of Service via Maliciously Crafted Message
CVSS 6.5
CVE-2019-8566 LOW
iPhone OS < 12.2 - Unauthenticated Microphone Data Access via API Validation Issue
CVSS 3.3
CVE-2019-8561 HIGH
macOS < 10.14.4 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 12,591
Exploit Likelihood High