CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,591 vulnerabilities with CWE-20
CVE-2019-1962 HIGH
Cisco NX-OS 5.2-6.2(29) - Unauthenticated Denial of Service via CFSoIP TCP Packet Processing
CVSS 8.6
CVE-2019-13270 HIGH
Edimax BR-6208AC V1 - Unauthenticated Data Exfiltration via IGMP Membership Query Group IP
CVSS 8.8
CVE-2019-13269 HIGH
Edimax BR-6208AC V1 Firmware - Cross-Network Data Leak via DHCP Transaction ID
CVSS 8.8
CVE-2019-13268 HIGH
TP-Link Archer C3200 V1 and Archer C2 V1 Firmware - ARP Request Forwarding Between Host and Guest Networks
CVSS 8.8
CVE-2019-15640 HIGH
Limesurvey < 3.17.10 - Unauthenticated Arbitrary File Upload via Image MIME Type Bypass
CVSS 7.5
CVE-2019-12400 MEDIUM
Apache Santuario XML Security for Java <2.0.3 - Info Disclosure
CVSS 5.5
CVE-2019-1581 CRITICAL
PAN-OS <7.1.24-h1, 7.1.25; 8.0 <8.0.19-h1, 8.0.20; 8.1 <8.1.9-h4, 8...
CVSS 9.8
CVE-2019-7617 HIGH
Elastic APM agent for Python <5.1.0 - Open Redirect
CVSS 7.2
CVE-2019-15324 HIGH
Ad Inserter < 2.4.22 - Remote Code Execution
CVSS 8.8
CVE-2019-1984 MEDIUM
Cisco Enterprise NFVIS < 3.12.1 - Authenticated Arbitrary File Write via File-System Command
CVSS 6.5
CVE-2019-1936 HIGH
Cisco IMC Supervisor/UCS Director - Authenticated RCE via Web Interface
CVSS 7.2
CVE-2019-1839 MEDIUM
Cisco Remote PHY Device Software - Command Injection
CVSS 6.7
CVE-2019-12626 MEDIUM
Cisco Unified Contact Center Express - Authenticated Stored Cross-Site Scripting
CVSS 4.8
CVE-2019-2136 MEDIUM
Android 7.0-9 - Out-of-bounds Read in Status::readFromParcel
CVSS 5.5
CVE-2019-11140 MEDIUM
Intel NUC Kit Firmware - Insufficient Session Validation
CVSS 6.7
CVE-2019-7959 CRITICAL
Creative Cloud Desktop App <4.6.1 - RCE
CVSS 9.8
CVE-2019-9851 CRITICAL
LibreOffice - Code Injection
CVSS 9.8
CVE-2019-9850 CRITICAL
LibreOffice < 6.2.6 - LibreLogo Script Event Python Code Execution
CVSS 9.8
CVE-2019-1204 MEDIUM
Microsoft Office and Outlook - Elevation of Privilege via Malformed Email Message Processing
CVSS 4.3
CVE-2019-0965 HIGH
Windows 10 and Windows Server 2016/2019 - Authenticated Remote Code Execution via Hyper-V Guest Input
CVSS 7.6
CVE-2019-0723 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 5.8
CVE-2019-0720 HIGH
Windows Hyper-V Network Switch - RCE
CVSS 8.0
CVE-2019-0718 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 5.8
CVE-2019-0717 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 5.8
CVE-2019-0715 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 5.8
Details
Vulnerabilities 12,591
Exploit Likelihood High