The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,592 vulnerabilities with CWE-20
CVE-2019-11716
HIGH
Firefox < 68.0 - Sandbox Bypass via Non-Enumerable window.globalThis
CVSS 8.3
CVE-2019-11714
CRITICAL
Firefox < 68.0 - Denial of Service via Necko UDP Connection Thread Handling
CVSS 9.8
CVE-2019-11708
CRITICAL
KEV
Firefox ESR < 60.7.2, Firefox < 67.0.4, Thunderbird < 60.7.2 - RCE
CVSS 10.0
CVE-2019-11698
MEDIUM
Thunderbird <60.7, Firefox <67, Firefox ESR <60.7 - Info Disclosure
CVSS 5.3
CVE-2019-11697
MEDIUM
Firefox < 67.0 - Extension Installation Spoofing via Key Combination Bypass
CVSS 6.5
CVE-2019-11696
HIGH
Firefox < 67.0 - Unsafe Executable File Handling for .JNLP Extensions
CVSS 7.8
CVE-2019-13097
HIGH
Cat Runner Decorate Home 2.8.0 - Score Parameter Manipulation via Insufficient Input Validation
CVSS 7.5
CVE-2019-1010234
CRITICAL
Linux Foundation ONOS <1.15.0 - RCE
CVSS 9.8
CVE-2019-14211
HIGH
Foxit PhantomPDF <8.3.11 - Memory Corruption
CVSS 7.5
CVE-2019-5680
MEDIUM
NVIDIA Jetson TX1 L4T < R32.2 - Code Execution via Unvalidated nvtboot-cpu Image Load
CVSS 6.7
CVE-2019-1010245
CRITICAL
Linux Foundation ONOS SDN Controller <1.15 - RCE
CVSS 9.8
CVE-2019-7843
HIGH
Adobe Campaign Classic <18.10.5-8984 - Info Disclosure
CVSS 7.5
CVE-2019-1010252
MEDIUM
Linux Foundation ONOS <2.0.0 - Info Disclosure
CVSS 4.9
CVE-2019-1010251
HIGH
Open Information Security Foundation Suricata <4.1.2 - DoS
CVSS 7.5
CVE-2019-1010250
MEDIUM
Linux Foundation ONOS <2.0.0 - Info Disclosure
CVSS 4.9
CVE-2019-1923
MEDIUM
Cisco SPA500 Series IP Phones < 7.6.2sr5 - Authenticated Arbitrary Command Execution via USB Storage Device
CVSS 6.6
CVE-2019-1920
HIGH
Cisco Aironet 3700 Series < 8.2.170.0 - DoS via 802.11r Fast Transition
CVSS 7.4
CVE-2019-3571
MEDIUM
WhatsApp Desktop <0.3.3793 - Info Disclosure
CVSS 5.3
CVE-2019-10191
HIGH
knot_resolver < 4.1.0 - DNSSEC Downgrade via Improper Input Validation
CVSS 7.5
CVE-2019-10190
HIGH
knot_resolver < 3.2.0 - DNSSEC Validation Bypass via NXDOMAIN Answer
CVSS 7.5
CVE-2019-13612
HIGH
MDaemon Email Server <20.0.1 - Info Disclosure
CVSS 7.5
CVE-2019-1113
HIGH
Microsoft .NET Framework and Visual Studio - Markup Parsing Remote Code Execution
CVSS 8.8
CVE-2019-1109
CRITICAL
Microsoft Office - Spoofing via Unvalidated Web Page Request
CVSS 9.1
CVE-2019-1079
MEDIUM
Visual Studio - Information Disclosure via XML Input Parsing
CVSS 6.5
CVE-2019-1072
CRITICAL
Azure DevOps Server and Team Foundation Server - Remote Code Execution
CVSS 9.8
Details
Vulnerabilities
12,592
Exploit Likelihood
High