CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-8549 HIGH
iPhone OS < 12.2 - Remote Code Execution via MIG Generated Code
CVSS 7.8
CVE-2019-8516 HIGH
iPhone OS < 12.2 - Denial of Service via Maliciously Crafted String
CVSS 7.5
CVE-2019-8515 MEDIUM
iCloud < 7.11 - Cross-Origin Information Disclosure via Fetch API
CVSS 6.5
CVE-2019-8507 MEDIUM
macOS < 10.14.4 - Denial of Service via Memory Corruption
CVSS 5.5
CVE-2019-8503 HIGH
iCloud < 7.11 - Cross-Site Scripting
CVSS 8.8
CVE-2019-8502 LOW
iPhone OS < 12.2 - Unauthorized Dictation Request via API Issue
CVSS 3.3
CVE-2019-7292 MEDIUM
Apple iCloud <7.11, iTunes <12.9.4, Safari <12.1, iOS <12.2, tvOS <12.2, watchOS <5.2 - Memory Disclosure
CVSS 6.5
CVE-2019-2304 HIGH
Snapdragon Auto et al - Buffer Overflow
CVSS 7.8
CVE-2019-10595 HIGH
Qualcomm APQ8009 and related firmware - Buffer Overflow via Unvalidated TID Value
CVSS 7.8
CVE-2019-14609 MEDIUM
Intel NUC Firmware - Privilege Escalation via Improper Input Validation
CVSS 6.7
CVE-2019-5260 MEDIUM
Huawei Y9 2019 & Honor View 20 - DoS
CVSS 6.5
CVE-2019-13932 CRITICAL
Siemens XHQ < 6.0.0.2 - Unauthenticated Script Import and Malicious Link Generation
CVSS 9.1
CVE-2019-1484 HIGH
Microsoft Windows OLE - Remote Code Execution via Improper Input Validation
CVSS 7.8
CVE-2019-1471 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.2
CVE-2019-1470 MEDIUM
Windows Hyper-V - Authenticated Information Disclosure via Improper Input Validation
CVSS 6.0
CVE-2019-13750 MEDIUM
Google Chrome <79.0.3945.79 - Info Disclosure
CVSS 6.5
CVE-2019-2232 HIGH
Android 8.0-10 - Denial of Service in TextLine Unicode Handling
CVSS 7.5
CVE-2019-7193 CRITICAL KEV
QNAP QTS - Remote Code Execution via Improper Input Validation
CVSS 9.8
CVE-2019-11255 MEDIUM
Kubernetes CSI Sidecar Containers - Unauthorized PersistentVolume Data Access via Improper Input Validation
CVSS 4.8
CVE-2019-19579 MEDIUM
Xen < 4.12.1 - Privilege Escalation via DMA in PCI Passthrough
CVSS 6.8
CVE-2019-17555 HIGH
Apache Olingo 4.0.0-4.6.0 - Denial of Service via Retry-After Header
CVSS 7.5
CVE-2019-19396 HIGH
illumos <r151030y - Memory Corruption
CVSS 7.5
CVE-2019-5268 HIGH
Huawei Home Router - Info Disclosure
CVSS 8.1
CVE-2019-19376 MEDIUM
Octopus Deploy < 2019.10.7 and 2019.6.0-2019.6.13 - Authenticated Denial of Service via Malformed Team API Request
CVSS 6.5
CVE-2019-18247 HIGH
Relion 650 and 670 Firmware - Denial of Service via Crafted Message
CVSS 7.5
Details
Vulnerabilities 12,591
Exploit Likelihood High