CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,592 vulnerabilities with CWE-20
CVE-2019-11460 CRITICAL
GNOME gnome-desktop <3.30.2.2.2, <3.32.1.1 - Privilege Escalation
CVSS 9.0
CVE-2019-11417 CRITICAL
TRENDnet TV-IP110WN - Buffer Overflow
CVSS 9.8
CVE-2019-2028 HIGH
Android - Remote Code Execution via NEON Register Corruption in libmpeg2
CVSS 8.8
CVE-2019-11340 MEDIUM
Matrix Sydent <1.0.2 - Info Disclosure
CVSS 5.9
CVE-2019-10245 HIGH
Eclipse OpenJ9 < 0.14.0 - Denial of Service via Bytecode Verifier Bypass
CVSS 7.5
CVE-2019-1841 MEDIUM
Cisco Catalyst Center < 1.2.5 - Authenticated Unintended Proxy Access via HTTP Request
CVSS 6.5
CVE-2019-1837 MEDIUM
Cisco Unified Communications Manager - DoS
CVSS 5.3
CVE-2019-1834 HIGH
Cisco Aironet AP Firmware <8.5.140.0 DoS via Malformed Wireless Packet
CVSS 7.4
CVE-2019-1831 MEDIUM
Cisco AsyncOS Software - Auth Bypass
CVSS 5.8
CVE-2019-1830 MEDIUM
Cisco Wireless LAN Controller Software < 8.3.150.0 - Authenticated Denial of Service via LSC Certificate HTTP URL
CVSS 4.9
CVE-2019-1826 MEDIUM
Cisco Aironet Series Access Points - Authenticated Denial of Service via Malformed Wi-Fi QoS Frames
CVSS 6.8
CVE-2019-1805 MEDIUM
Cisco Wireless LAN Controller - Info Disclosure
CVSS 4.3
CVE-2019-1800 MEDIUM
Cisco Wireless LAN Controller - DoS
CVSS 6.5
CVE-2019-1799 MEDIUM
Cisco Wireless LAN Controller <8.2.170.0, >=8.3.143.0 <8.3.150.0 - DoS via IAPP Message Handling
CVSS 6.5
CVE-2019-1796 MEDIUM
Cisco Wireless LAN Controller <8.2.170.0, >=8.3.143.0 <8.5.150.0 - DoS via IAPP Message Handling
CVSS 6.5
CVE-2019-1721 MEDIUM
Cisco TelePresence Video Communication Server < X12.5.1 - Authenticated Denial of Service via Crafted XML SIP Message
CVSS 6.5
CVE-2019-1720 MEDIUM
Cisco TelePresence Video Communication Server < X12.5.1 - Authenticated Denial of Service via XML API
CVSS 6.8
CVE-2019-1712 MEDIUM
Cisco IOS XR < 6.2.3 - Unauthenticated Denial of Service via Crafted AutoRP Packets
CVSS 5.8
CVE-2019-1711 MEDIUM
Cisco IOS XR 6.1.0-6.5.0 - Unauthenticated Denial of Service via gRPC Request Handling
CVSS 5.3
CVE-2019-1710 CRITICAL
Cisco IOS XR < 6.5.3 - Unauthenticated Denial of Service and Remote Access via Sysadmin VM Isolation Bypass
CVSS 9.8
CVE-2019-0163 HIGH
Intel i5-5350U Firmware < MYBDWi5v.86A - Privilege Escalation, DoS, and Info Disclosure via Local Access
CVSS 8.2
CVE-2019-9845 CRITICAL
Miniblog.Core < 2019-01-16 - Remote Code Execution via IMG Element with Data URL
CVSS 9.8
CVE-2019-11228 HIGH
Gitea < 1.7.6 and 1.8.x < 1.8-RC3 - Improper Input Validation in Mirror Address Handling
CVSS 7.5
CVE-2019-3460 MEDIUM
Linux Kernel < 5.1 - Heap Data Information Disclosure in L2CAP Configuration Response Parser
CVSS 6.5
CVE-2019-11071 HIGH
SPIP 3.1.0-3.1.9 and 3.2.0-3.2.3 - Authenticated Remote Code Execution via var_memotri Mishandling
CVSS 8.8
Details
Vulnerabilities 12,592
Exploit Likelihood High