The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,591 vulnerabilities with CWE-20
CVE-2019-1257
HIGH
Microsoft SharePoint - Remote Code Execution via Application Package Source Markup
CVSS 8.8
CVE-2019-0928
MEDIUM
Windows 10 and Windows Server 2016 - Denial of Service via Hyper-V Input Validation
CVSS 6.2
CVE-2019-3760
MEDIUM
RSA Identity Governance and Lifecycle < 7.1.0 P08 - Authenticated SQL Injection in Workflow Architect
CVSS 6.4
CVE-2019-5461
LOW
GitLab 11.11.0-11.11.6 - Server-Side Request Forgery via GitHub Integration
CVSS 3.5
CVE-2019-15639
HIGH
Asterisk 13.0.0-13.28.0 - Denial of Service via RTP Packet
CVSS 7.5
CVE-2019-16142
CRITICAL
renderdoc <0.5.0 - Info Disclosure
CVSS 9.8
CVE-2019-16141
HIGH
once_cell < 1.0.1 - Denial of Service via Lazy Initialization Panic
CVSS 7.5
CVE-2019-9453
MEDIUM
Android - Local Information Disclosure via F2FS Touch Driver Input Validation
CVSS 4.4
CVE-2019-9446
MEDIUM
Android - Out-of-Bounds Write in FingerTipS Touchscreen Driver
CVSS 6.7
CVE-2019-9441
MEDIUM
Android kernel - Privilege Escalation
CVSS 6.7
CVE-2019-9254
HIGH
Android 10 - Local Privilege Escalation via Improper Input Validation in zygote.java
CVSS 7.8
CVE-2019-12645
HIGH
Cisco Jabber < 12.6(1) - Authenticated Arbitrary Code Execution via Improper File Permissions
CVSS 7.8
CVE-2019-12633
HIGH
Cisco Unified Contact Center Express - Unauthenticated Server-Side Request Forgery
CVSS 7.5
CVE-2019-12632
HIGH
Cisco Finesse - Unauthenticated Server-Side Request Forgery
CVSS 7.5
CVE-2019-12588
MEDIUM
Espressif ESP8266_NONOS_SDK 2.2.0-3.1.0 - Denial of Service via Crafted 802.11 Beacon Frame
CVSS 6.5
CVE-2019-2389
MEDIUM
MongoDB Server <4.0.11, <3.6.14, <3.4.22 - Privilege Escalation
CVSS 5.3
CVE-2019-5611
HIGH
FreeBSD Remote DoS via IPv6 Stack (12.0-STABLE before r350828, 12.0-RELEASE before p10, etc.)
CVSS 7.5
CVE-2019-1969
MEDIUM
Cisco NX-OS - Unauthenticated SNMP ACL Bypass via Incorrect Length Check
CVSS 5.3
CVE-2019-1968
HIGH
Cisco NX-OS - Unauthenticated Denial of Service via NX-API HTTP Header
CVSS 7.5
CVE-2019-14979
MEDIUM
WooCommerce PayPal Checkout Payment Gateway 1.6.17 - Parameter Tampering in Amount Parameter
CVSS 5.3
CVE-2019-14978
MEDIUM
WooCommerce PayU India Payment Gateway 2.1.1 - Parameter Tampering via purchaseQuantity
CVSS 5.3
CVE-2019-11247
HIGH
Kubernetes < 1.13.9, < 1.14.5, < 1.15.2 - Unauthorized Cluster-Scoped Custom Resource Access via Namespace Impersonation
CVSS 8.1
CVE-2019-10054
HIGH
Suricata <4.1.3 - Memory Corruption
CVSS 7.5
CVE-2019-1964
HIGH
Cisco NX-OS 8.1-8.2(3) - Unauthenticated Denial of Service via Malformed IPv6 Packet
CVSS 8.6
CVE-2019-1963
HIGH
Cisco FXOS and NX-OS - Denial of Service via SNMP ASN.1 Input Validation
CVSS 7.7
Details
Vulnerabilities
12,591
Exploit Likelihood
High