CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-0149 MEDIUM
Intel Ethernet 700 Series Firmware < 2.8.43 - DoS via i40e Driver Input
CVSS 5.5
CVE-2019-0147 MEDIUM
Intel Ethernet 700 Series Controller Firmware < 7.0 - Authenticated Denial of Service via i40e Driver Input Validation
CVSS 5.5
CVE-2019-14566 HIGH
Intel(R) SGX SDK - Info Disclosure/Privilege Escalation/DoS
CVSS 7.8
CVE-2019-11180 HIGH
Intel Baseboard Management Controller Firmware < 2.18 - Unauthenticated Denial of Service via Network Access
CVSS 7.5
CVE-2019-11179 MEDIUM
Intel Baseboard Management Controller Firmware < 2.18 - Authenticated Information Disclosure via Network Access
CVSS 6.5
CVE-2019-11175 HIGH
Intel Baseboard Management Controller Firmware < 2.18 - Unauthenticated Denial of Service via Network Access
CVSS 7.5
CVE-2019-11137 HIGH
Intel Xeon Platinum/Scalable Firmware - Privilege Escalation, DoS, Info Disclosure via Local Access
CVSS 8.2
CVE-2019-0396 HIGH
SAP BusinessObjects Business Intelligence Platform - XML External Entity Injection in Web Intelligence HTML Interface
CVSS 7.1
CVE-2019-9467 MEDIUM
Android - Local Privilege Escalation via Bootloader Command Injection
CVSS 6.7
CVE-2019-2195 HIGH
Android - Local Privilege Escalation via SQLite Tokenize Input Validation
CVSS 7.8
CVE-2019-2192 HIGH
Android 9-10 - Local Privilege Escalation via SliceProvider Input Validation Bypass
CVSS 7.8
CVE-2019-16949 MEDIUM
Enghouse Web Chat 6.1.300.31 and 6.2.284.34 - Email Spoofing via Chat Log Archive POST Request
CVSS 6.5
CVE-2019-5230 MEDIUM
Honor P20 Pro <9.1.0.321(C00E320R1P1T8) - Improper Validation
CVSS 5.5
CVE-2019-1399 MEDIUM
Windows Hyper-V - Denial of Service via Improper Input Validation
CVSS 6.2
CVE-2019-1398 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2019-1397 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2019-1389 HIGH
Windows Hyper-V - Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2019-1310 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2019-1309 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2019-0721 CRITICAL
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Network Switch Input Validation
CVSS 9.1
CVE-2019-0719 CRITICAL
Windows Hyper-V Network Switch - Authenticated Remote Code Execution via Improper Input Validation
CVSS 9.1
CVE-2019-0712 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2019-3426 HIGH
ZTE ZXUPN-9000E Firmware < 9000EV5.0R1B12 - Unauthorized Operations via Input Validation Vulnerability
CVSS 8.8
CVE-2019-1981 MEDIUM
Cisco Firepower Threat Defense/ASA/FMC Unauthenticated Filter Bypass via Obfuscated Payload
CVSS 5.8
CVE-2019-1978 MEDIUM
Cisco Firepower Services Software For Asa - Improper Input Validation
CVSS 5.8
Details
Vulnerabilities 12,591
Exploit Likelihood High