The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,592 vulnerabilities with CWE-20
CVE-2019-1729
MEDIUM
Cisco NX-OS < 7.0(3)I4(9) - Authenticated Arbitrary File Write via Image Maintenance Command
CVSS 6.0
CVE-2019-1726
HIGH
Cisco NX-OS 5.2-6.2(25) - Authenticated OS Command Injection via CLI Argument
CVSS 7.8
CVE-2019-5598
HIGH
FreeBSD Packet Filter Bypass via ICMP/ICMP6 Destination IP Spoofing
CVSS 7.5
CVE-2019-5597
CRITICAL
FreeBSD 11.2-RELEASE < 11.2-RELEASE-p10 and 12.0-RELEASE < 12.0-RELEASE-p4 - DoS via IPv6 Fragment Reassembly
CVSS 9.1
CVE-2019-1862
HIGH
Cisco IOS XE - Authenticated Remote Code Execution via Web UI Input Sanitization Bypass
CVSS 7.2
CVE-2019-9847
HIGH
LibreOffice < 6.1.6 - Unauthenticated Arbitrary Executable Launch via Hyperlink Processing
CVSS 7.8
CVE-2019-11832
HIGH
TYPO3 8.0.0-8.7.24 and 9.0.0-9.5.5 - Remote Code Execution via Image Processing Configuration
CVSS 7.5
CVE-2019-2051
HIGH
Android 7.0-9 - Out-of-Bounds Read in spaces.h
CVSS 7.5
CVE-2019-7443
HIGH
KDE KAuth < 5.55.0 - Unauthenticated Arbitrary Plugin Execution via DBus Parameter Injection
CVSS 8.1
CVE-2019-1844
MEDIUM
Cisco Email Security Appliance - Unauthenticated Filter Bypass via Missing Content-Disposition
CVSS 5.3
CVE-2019-1817
HIGH
Cisco Web Security Appliance - Denial of Service via Malformed HTTP/HTTPS Request
CVSS 7.5
CVE-2019-1816
HIGH
Cisco Web Security Appliance - Authenticated Command Injection and Privilege Escalation via Log Subscription Subsystem
CVSS 7.8
CVE-2019-1697
MEDIUM
Cisco ASA <9.6.4.25, >=9.7 <9.8.4 & FTD <6.2.3.12 - DoS via LDAP Parsing
CVSS 6.8
CVE-2019-1694
HIGH
Cisco ASA <9.4.4.34, >=9.5 <9.6.4.25 & FTD <6.2.3.12 - DoS via TCP Traffic
CVSS 8.6
CVE-2019-1687
HIGH
Cisco ASA <9.4.4.34, 9.5-9.6.4.25 & FTD 6.0.0-6.2.3.12 - DoS via TCP Inspection
CVSS 7.5
CVE-2019-1682
HIGH
Cisco APIC < 4.1(1i) Privilege Escalation via FUSE Command Injection
CVSS 7.8
CVE-2019-1592
HIGH
Cisco Nexus 9000 - Privilege Escalation
CVSS 7.8
CVE-2019-1587
MEDIUM
Cisco NX-OS - Information Disclosure via Filtered Query Command
CVSS 4.3
CVE-2019-11687
HIGH
NEMA DICOM Standard 1995-2019b - Code Injection
CVSS 7.8
CVE-2019-9826
HIGH
phpBB < 3.2.6 - Denial of Service via Fulltext Search Component
CVSS 7.5
CVE-2019-11595
CRITICAL
uBlock Origin < 0.9.5.15 - Remote Code Execution via $rewrite Filter Option
CVSS 9.0
CVE-2019-9807
MEDIUM
Firefox < 66.0 - Spoofing via FTP Modal Alert Injection
CVSS 4.3
CVE-2019-9801
MEDIUM
Firefox < 66.0, Firefox ESR < 60.6, Thunderbird < 60.6 - External Protocol Handler Execution
CVSS 5.3
CVE-2019-9799
HIGH
Firefox < 66.0 - Out-of-bounds Read via Inter-Process Communication
CVSS 7.5
CVE-2019-11218
HIGH
Bonobo Git Server < 6.5.0 - Authenticated Privilege Escalation via User Profile Parameter Injection
CVSS 8.8
Details
Vulnerabilities
12,592
Exploit Likelihood
High