CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,592 vulnerabilities with CWE-20
CVE-2019-2016 HIGH
Android -<7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9 - Privilege Escalation
CVSS 8.8
CVE-2019-12831 HIGH
MyBB < 1.8.21 - Remote Code Execution via Theme Import Stylesheet Name Truncation
CVSS 7.2
CVE-2019-12816 HIGH
ZNC < 1.7.3 - Authenticated Privilege Escalation and Remote Code Execution via Crafted Module Name
CVSS 8.8
CVE-2019-11128 MEDIUM
Intel NUC Kit Firmware - Privilege Escalation, DoS, and Info Disclosure via Input Validation
CVSS 6.7
CVE-2019-11125 MEDIUM
Intel NUC Kit, Compute Card, Compute Stick Firmware - Privilege Escalation, DoS, Info Disclosure via Input Validation
CVSS 6.7
CVE-2019-11123 MEDIUM
Intel NUC Kit Firmware - Insufficient Session Validation
CVSS 6.7
CVE-2019-0157 MEDIUM
Intel SGX Driver for Linux < 2.5 - Authenticated Denial of Service via Insufficient Input Validation
CVSS 5.5
CVE-2019-0973 HIGH
Windows Installer - Privilege Escalation
CVSS 7.8
CVE-2019-0722 HIGH
Windows Hyper-V - Remote Code Execution via Guest OS Input Validation
CVSS 8.8
CVE-2019-0713 MEDIUM
Microsoft Hyper-V - Denial of Service via Guest OS Input Validation
CVSS 6.8
CVE-2019-0711 MEDIUM
Microsoft Hyper-V - Denial of Service via Guest OS Privileged Application
CVSS 6.8
CVE-2019-0710 MEDIUM
Microsoft Hyper-V - Denial of Service via Guest OS Input Validation
CVSS 6.8
CVE-2019-0709 HIGH
Windows 10 and Windows Server 2016 - Remote Code Execution via Hyper-V Guest Input Validation
CVSS 7.6
CVE-2019-0620 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Guest OS Input Validation
CVSS 7.6
CVE-2019-3957 HIGH
Dameware Mini Remote Control < 12.1.0.34 - Unauthenticated Out-of-bounds Read via RsaSignatureLen Validation
CVSS 7.4
CVE-2019-3956 HIGH
Dameware Remote Mini Control < 12.1.0.34 - Unauthenticated Out-of-bounds Read via CltDHPubKeyLen Validation
CVSS 7.4
CVE-2019-3723 CRITICAL
Dell EMC OpenManage Server Administrator < 9.1.0.3 & < 9.2.0.4 - Unauthenticated Arbitrary File Write & Deletion
CVSS 9.1
CVE-2019-1861 HIGH
Cisco Industrial Network Director - RCE
CVSS 7.2
CVE-2019-1845 HIGH
Cisco Unified CM IM&P/TelePresence VCS/Expressway - DoS
CVSS 8.6
CVE-2019-11980 HIGH
HPE Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 8.8
CVE-2019-11968 HIGH
HPE Intelligent Management Center PLAT < 7.3 E0506P09 - Remote Code Execution
CVSS 8.8
CVE-2019-11967 HIGH
HPE Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 8.8
CVE-2019-5285 HIGH
Huawei S Series Switches - Unauthenticated Denial of Service via Crafted Packet Handling
CVSS 7.5
CVE-2019-5244 MEDIUM
Huawei Mate 9 Pro <LON-L29C 8.0.0.361(C636) - Info Disclosure
CVSS 5.5
CVE-2019-5678 HIGH
NVIDIA GeForce Experience < 3.19 - Code Execution via Web Helper Input Validation
CVSS 7.8
Details
Vulnerabilities 12,592
Exploit Likelihood High