The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2019-8549
HIGH
iPhone OS < 12.2 - Remote Code Execution via MIG Generated Code
CVSS 7.8
CVE-2019-8516
HIGH
iPhone OS < 12.2 - Denial of Service via Maliciously Crafted String
CVSS 7.5
CVE-2019-8515
MEDIUM
iCloud < 7.11 - Cross-Origin Information Disclosure via Fetch API
CVSS 6.5
CVE-2019-8507
MEDIUM
macOS < 10.14.4 - Denial of Service via Memory Corruption
CVSS 5.5
CVE-2019-8503
HIGH
iCloud < 7.11 - Cross-Site Scripting
CVSS 8.8
CVE-2019-8502
LOW
iPhone OS < 12.2 - Unauthorized Dictation Request via API Issue
CVSS 3.3
CVE-2019-7292
MEDIUM
Apple iCloud <7.11, iTunes <12.9.4, Safari <12.1, iOS <12.2, tvOS <12.2, watchOS <5.2 - Memory Disclosure
CVSS 6.5
CVE-2019-2304
HIGH
Snapdragon Auto et al - Buffer Overflow
CVSS 7.8
CVE-2019-10595
HIGH
Qualcomm APQ8009 and related firmware - Buffer Overflow via Unvalidated TID Value
CVSS 7.8
CVE-2019-14609
MEDIUM
Intel NUC Firmware - Privilege Escalation via Improper Input Validation
CVSS 6.7
CVE-2019-5260
MEDIUM
Huawei Y9 2019 & Honor View 20 - DoS
CVSS 6.5
CVE-2019-13932
CRITICAL
Siemens XHQ < 6.0.0.2 - Unauthenticated Script Import and Malicious Link Generation
CVSS 9.1
CVE-2019-1484
HIGH
Microsoft Windows OLE - Remote Code Execution via Improper Input Validation
CVSS 7.8
CVE-2019-1471
HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.2
CVE-2019-1470
MEDIUM
Windows Hyper-V - Authenticated Information Disclosure via Improper Input Validation
CVSS 6.0
CVE-2019-13750
MEDIUM
Google Chrome <79.0.3945.79 - Info Disclosure
CVSS 6.5
CVE-2019-2232
HIGH
Android 8.0-10 - Denial of Service in TextLine Unicode Handling
CVSS 7.5
CVE-2019-7193
CRITICAL
KEV
QNAP QTS - Remote Code Execution via Improper Input Validation
CVSS 9.8
CVE-2019-11255
MEDIUM
Kubernetes CSI Sidecar Containers - Unauthorized PersistentVolume Data Access via Improper Input Validation
CVSS 4.8
CVE-2019-19579
MEDIUM
Xen < 4.12.1 - Privilege Escalation via DMA in PCI Passthrough
CVSS 6.8
CVE-2019-17555
HIGH
Apache Olingo 4.0.0-4.6.0 - Denial of Service via Retry-After Header
CVSS 7.5
CVE-2019-19396
HIGH
illumos <r151030y - Memory Corruption
CVSS 7.5
CVE-2019-5268
HIGH
Huawei Home Router - Info Disclosure
CVSS 8.1
CVE-2019-19376
MEDIUM
Octopus Deploy < 2019.10.7 and 2019.6.0-2019.6.13 - Authenticated Denial of Service via Malformed Team API Request
CVSS 6.5
CVE-2019-18247
HIGH
Relion 650 and 670 Firmware - Denial of Service via Crafted Message
CVSS 7.5
Details
Vulnerabilities
12,591
Exploit Likelihood
High