CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,592 vulnerabilities with CWE-20
CVE-2019-9221 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Incorrect Access Control
CVSS 5.5
CVE-2019-12439 HIGH
bubblewrap < 0.3.3 - Local Denial of Service via Temporary Directory Misuse
CVSS 7.4
CVE-2019-2250 HIGH
Qualcomm Snapdragon Firmware - Arbitrary Memory Write via Thread Free/Stop
CVSS 7.8
CVE-2019-5803 MEDIUM
Google Chrome < 73.0.3683.75 - Content Security Policy Bypass via Crafted HTML Page
CVSS 6.5
CVE-2019-5801 MEDIUM
Google Chrome < 73.0.3683.75 - Domain Spoofing via Omnibox URL Eliding
CVSS 6.5
CVE-2019-5800 MEDIUM
Google Chrome < 73.0.3683.75 - Content Security Policy Bypass via Crafted HTML Page
CVSS 6.5
CVE-2019-5799 MEDIUM
Google Chrome < 73.0.3683.75 - Content Security Policy Bypass via Crafted HTML Page
CVSS 6.5
CVE-2019-5793 MEDIUM
Google Chrome < 73.0.3683.75 - Insufficient Policy Enforcement in Extensions
CVSS 6.5
CVE-2019-5931 HIGH
Cybozu Garoon 4.0.0-4.6.3 - Authenticated Privilege Escalation via Installer
CVSS 8.7
CVE-2019-11114 MEDIUM
Intel Driver & Support Assistant < 19.3.12.3 - Denial of Service via Insufficient Input Validation
CVSS 4.4
CVE-2019-11094 HIGH
Intel NUC Kit Firmware Privilege Escalation, DoS, and Info Disclosure via Local Access
CVSS 7.8
CVE-2019-11085 HIGH
Intel i915_firmware < 5.0 - Authenticated Privilege Escalation via Kernel Mode Driver Input Validation
CVSS 7.8
CVE-2019-0115 MEDIUM
Intel Graphics Driver - Authenticated Denial of Service via KMD Module Input Validation
CVSS 5.5
CVE-2019-0097 MEDIUM
Intel Active Management Technology Firmware 12.0.20-12.0.35 - Denial of Service via Network Input
CVSS 4.9
CVE-2019-0094 MEDIUM
Intel AMT Firmware 11.8.0-11.8.64 - DoS via Adjacent Network
CVSS 4.3
CVE-2019-0092 MEDIUM
Intel AMT Firmware 11.8.0-11.8.64 - Unauthenticated Privilege Escalation via Physical Access
CVSS 6.8
CVE-2019-0957 HIGH
Microsoft SharePoint Server - Privilege Escalation
CVSS 8.8
CVE-2019-0886 MEDIUM
Windows 10 and Windows Server 2016/2019 - Information Disclosure via Hyper-V Input Validation
CVSS 6.8
CVE-2019-0885 HIGH
Windows OLE - Remote Code Execution via Improper Input Validation
CVSS 7.8
CVE-2019-1858 HIGH
Cisco FXOS/NX-OS - Memory Corruption
CVSS 8.6
CVE-2019-1846 HIGH
Cisco IOS XR - Unauthenticated Denial of Service via MPLS OAM Packet Handling
CVSS 7.4
CVE-2019-1823 HIGH
Cisco Prime Infrastructure/EPN Manager - RCE
CVSS 8.8
CVE-2019-1822 HIGH
Cisco Prime Infrastructure/EPN Manager - RCE
CVSS 7.2
CVE-2019-1821 HIGH
Cisco Prime Infrastructure/EPN Manager - RCE
CVSS 8.8
CVE-2019-1806 HIGH
Cisco Small Business Switches < 1.4.10.6 - Authenticated Denial of Service via SNMP PDU Processing
CVSS 7.7
Details
Vulnerabilities 12,592
Exploit Likelihood High