The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2019-12706
HIGH
Cisco Email Security Appliance Firmware < 13.5.0 - Unauthenticated Filter Bypass via SPF Message Validation
CVSS 7.5
CVE-2019-12701
MEDIUM
Cisco Secure Firewall Management Center - Unauthenticated Policy Bypass via Crafted HTTP Request
CVSS 5.8
CVE-2019-12699
HIGH
Cisco Firepower 9300 Firmware - Authenticated OS Command Injection via CLI Arguments
CVSS 7.8
CVE-2019-12694
MEDIUM
Cisco Firepower Threat Defense < 6.3.0.5 - Authenticated Command Injection via CLI
CVSS 6.7
CVE-2019-12689
HIGH
Cisco Secure Firewall Management Center < 6.2.2.2 - Authenticated Remote Code Execution via Web Interface
CVSS 8.8
CVE-2019-12688
HIGH
Cisco Firepower Management Center - Authenticated Remote Code Execution via Web UI Input
CVSS 8.8
CVE-2019-12687
HIGH
Cisco Secure Firewall Management Center - Authenticated Remote Code Execution via Web UI Input
CVSS 8.8
CVE-2019-12676
HIGH
Cisco Adaptive Security Appliance and Firepower Threat Defense - Denial of Service via OSPF LSA Type 11 Packet Parsing
CVSS 7.4
CVE-2019-12673
HIGH
Cisco ASA <9.6.4.34, >=9.7 <9.8.4.10 & FTD <6.3.0.5 - DoS via FTP Inspection
CVSS 7.5
CVE-2019-12630
CRITICAL
Cisco Security Manager < 4.18 - Unauthenticated Remote Code Execution via Java Deserialization
CVSS 9.8
CVE-2019-12157
CRITICAL
JetBrains UpSource <2018.2.1293 - Info Disclosure
CVSS 9.8
CVE-2019-10538
CRITICAL
Qualcomm MSM8909W and other Snapdragon Firmware - Memory Corruption via Arbitrary Page Response
CVSS 9.8
CVE-2019-10506
HIGH
Qualcomm Multiple Chipsets Firmware - Improper Input Validation in QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY
CVSS 7.8
CVE-2019-10501
HIGH
Qualcomm Snapdragon Firmware - Use-After-Free in Volume Listener Library
CVSS 7.8
CVE-2019-16676
CRITICAL
Plataformatec Simple Form - Code Injection
CVSS 9.8
CVE-2019-9433
MEDIUM
Android 10 - Information Disclosure via Improper Input Validation in libvpx
CVSS 6.5
CVE-2019-9432
HIGH
Android 10 - Remote Information Disclosure via Bluetooth Out-of-Bounds Read
CVSS 7.5
CVE-2019-9418
MEDIUM
Android 10 - Remote Denial of Service via Missing Bounds Check in libstagefright
CVSS 6.5
CVE-2019-9414
MEDIUM
Android 10 - Man-in-the-Middle via Improper Certificate BasicConstraints Validation
CVSS 5.9
CVE-2019-9404
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9402
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9401
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9398
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9397
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9396
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
Details
Vulnerabilities
12,591
Exploit Likelihood
High