The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2019-9395
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9394
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9393
HIGH
Android 10 - Remote Denial of Service via Bluetooth Missing Bounds Check
CVSS 7.5
CVE-2019-9379
MEDIUM
Android 10 - Remote Denial of Service via Missing Bounds Check in libstagefright
CVSS 6.5
CVE-2019-9371
MEDIUM
Android 10 - Denial of Service via Improper Input Validation in libvpx
CVSS 6.5
CVE-2019-9352
MEDIUM
Android 10 - Remote Denial of Service via Missing Bounds Check in libstagefright
CVSS 6.5
CVE-2019-9348
MEDIUM
Android 10 - Remote Denial of Service via Improper Input Validation in libstagefright
CVSS 6.5
CVE-2019-9283
MEDIUM
Android 10 - Remote Denial of Service via AAC Codec Input Validation
CVSS 6.5
CVE-2019-12669
HIGH
Cisco IOS XE - Denial of Service via Malformed RADIUS CoA Packet
CVSS 7.5
CVE-2019-12663
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Malicious RADIUS Message
CVSS 8.6
CVE-2019-12657
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via IPv6 Packet Validation in UTD
CVSS 7.5
CVE-2019-12656
HIGH
Cisco IOS - Unauthenticated Denial of Service via TLS Packet Handling
CVSS 7.5
CVE-2019-12655
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via FTP ALG Buffer Overflow
CVSS 7.5
CVE-2019-12653
HIGH
Cisco IOS XE - Denial of Service via Raw Socket Transport Payload Parsing
CVSS 7.5
CVE-2019-6654
MEDIUM
BIG-IP 11.5.1-11.6.5, 12.1.0-12.1.5, 13.0.0-13.1.3, 14.0.0-14.1.2 - Spoofed Packet Processing
CVSS 4.3
CVE-2019-3416
CRITICAL
ZTE ZXV10 B860A Firmware < 81511329.1008 - Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2019-16412
HIGH
Tenda N301 - Denial of Service via Zero wanMTU Value
CVSS 7.5
CVE-2019-4271
LOW
IBM WebSphere App Server <9.0 - XSS
CVSS 3.5
CVE-2019-10937
HIGH
SIMATIC TDC CP51M1 < 1.1.7 - Unauthenticated Denial of Service via UDP Packet
CVSS 7.5
CVE-2019-5976
MEDIUM
Cybozu Garoon 4.0.0-4.10.2 - Authenticated Denial of Service
CVSS 4.9
CVE-2019-1306
CRITICAL
Azure DevOps Server and Team Foundation Server - Remote Code Execution via Improper Input Validation
CVSS 9.8
CVE-2019-1302
HIGH
ASP.NET Core - Privilege Escalation
CVSS 8.8
CVE-2019-1296
HIGH
Microsoft SharePoint - Remote Code Execution via Unsafe API Data Input
CVSS 8.8
CVE-2019-1295
HIGH
Microsoft SharePoint - Remote Code Execution via Unsafe API Data Input
CVSS 8.8
CVE-2019-1264
HIGH
Microsoft Office - Security Feature Bypass via Improper Input Handling
CVSS 7.8
Details
Vulnerabilities
12,591
Exploit Likelihood
High