CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-9395 HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9394 HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9393 HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9379 MEDIUM
Android 10 - Remote Denial of Service via Missing Bounds Check in libstagefright
CVSS 6.5
CVE-2019-9371 MEDIUM
Android 10 - Denial of Service via Improper Input Validation in libvpx
CVSS 6.5
CVE-2019-9352 MEDIUM
Android 10 - Remote Denial of Service via Missing Bounds Check in libstagefright
CVSS 6.5
CVE-2019-9348 MEDIUM
Android 10 - Remote Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2019-9283 MEDIUM
Android 10 - Remote Denial of Service via AAC Codec Input Validation
CVSS 6.5
CVE-2019-12669 HIGH
Cisco IOS XE - Denial of Service via Malformed RADIUS CoA Packet
CVSS 7.5
CVE-2019-12663 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Malicious RADIUS Message
CVSS 8.6
CVE-2019-12657 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via IPv6 Packet Validation in UTD
CVSS 7.5
CVE-2019-12656 HIGH
Cisco IOS - Unauthenticated Denial of Service via TLS Packet Handling
CVSS 7.5
CVE-2019-12655 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via FTP ALG Buffer Overflow
CVSS 7.5
CVE-2019-12653 HIGH
Cisco IOS XE - Denial of Service via Raw Socket Transport Payload Parsing
CVSS 7.5
CVE-2019-6654 MEDIUM
BIG-IP 11.5.1-11.6.5, 12.1.0-12.1.5, 13.0.0-13.1.3, 14.0.0-14.1.2 - Spoofed Packet Processing
CVSS 4.3
CVE-2019-3416 CRITICAL
ZTE ZXV10 B860A Firmware < 81511329.1008 - Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2019-16412 HIGH
Tenda N301 - Denial of Service via Zero wanMTU Value
CVSS 7.5
CVE-2019-4271 LOW
IBM WebSphere App Server <9.0 - XSS
CVSS 3.5
CVE-2019-10937 HIGH
SIMATIC TDC CP51M1 < 1.1.7 - Unauthenticated Denial of Service via UDP Packet
CVSS 7.5
CVE-2019-5976 MEDIUM
Cybozu Garoon 4.0.0-4.10.2 - Authenticated Denial of Service
CVSS 4.9
CVE-2019-1306 CRITICAL
Azure DevOps Server and Team Foundation Server - Remote Code Execution via Improper Input Validation
CVSS 9.8
CVE-2019-1302 HIGH
ASP.NET Core - Privilege Escalation
CVSS 8.8
CVE-2019-1296 HIGH
Microsoft SharePoint - Remote Code Execution via Unsafe API Data Input
CVSS 8.8
CVE-2019-1295 HIGH
Microsoft SharePoint - Remote Code Execution via Unsafe API Data Input
CVSS 8.8
CVE-2019-1264 HIGH
Microsoft Office - Security Feature Bypass via Improper Input Handling
CVSS 7.8
Details
Vulnerabilities 12,591
Exploit Likelihood High