The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,593 vulnerabilities with CWE-20
CVE-2019-11071
HIGH
SPIP 3.1.0-3.1.9 and 3.2.0-3.2.3 - Authenticated Remote Code Execution via var_memotri Mishandling
CVSS 8.8
CVE-2019-11069
HIGH
Sequelize 5.0.0-5.2.9 - SQL Injection via Improper Input Validation
CVSS 7.5
CVE-2019-0786
CRITICAL
Microsoft SMB Server - Privilege Escalation
CVSS 9.8
CVE-2019-0768
MEDIUM
Internet Explorer - Security Feature Bypass via VBScript Execution Policy
CVSS 4.3
CVE-2019-0701
MEDIUM
Windows 10 and Windows Server 2016/2019 - Denial of Service via Hyper-V Input Validation
CVSS 6.8
CVE-2019-0695
MEDIUM
Windows 10 and Windows Server 2016/2019 - Denial of Service via Hyper-V Input Validation
CVSS 6.8
CVE-2019-0690
MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2019-1798
MEDIUM
ClamAV < 0.101.1 - Unauthenticated Denial of Service via Malformed PE File Parsing
CVSS 5.5
CVE-2019-1788
MEDIUM
ClamAV < 0.101.1 - Denial of Service via OLE2 File Parsing
CVSS 5.5
CVE-2019-11014
CRITICAL
VStarCam Eye4 - Unauthenticated Camera Server Spoofing via Broadcast Response Flood
CVSS 9.8
CVE-2019-1787
MEDIUM
ClamAV < 0.101.1 - Denial of Service via PDF Scanning Heap Buffer Out-of-bounds Read
CVSS 5.5
CVE-2019-1786
MEDIUM
ClamAV 0.101.0-0.101.1 - Denial of Service via PDF Scanning Out-of-bounds Read
CVSS 5.5
CVE-2019-1785
HIGH
ClamAV 0.101.0-0.101.1 - Path Traversal and Arbitrary File Write via RAR File Processing
CVSS 7.8
CVE-2019-10672
CRITICAL
libmysofa < 0.7 - Denial of Service via Improper Input Validation in treeRead
CVSS 9.8
CVE-2019-1760
MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via Malformed Smart Probe Packets
CVSS 6.8
CVE-2019-1756
HIGH
Cisco IOS XE - Authenticated Remote Code Execution via Web UI Username Input
CVSS 7.2
CVE-2019-1755
MEDIUM
Cisco IOS XE - Authenticated Remote Code Execution via WSMA HTTP Request
CVSS 6.5
CVE-2019-1754
HIGH
Cisco IOS XE - Authenticated Privilege Escalation via Web UI Endpoint
CVSS 8.8
CVE-2019-1753
HIGH
Cisco IOS XE - Authenticated Command Injection via WSMA Input Validation Bypass
CVSS 8.8
CVE-2019-1752
HIGH
Cisco IOS - Unauthenticated Denial of Service via ISDN Q.931 Information Elements
CVSS 7.5
CVE-2019-1751
HIGH
Cisco IOS - Unauthenticated Denial of Service via NAT64 IPv4 Packet Handling
CVSS 8.6
CVE-2019-1750
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via CDP Packet Processing
CVSS 7.4
CVE-2019-1749
HIGH
Cisco IOS XE for ASR 900 RSP3 - Unauthenticated Denial of Service via Malformed OSPFv2 Message
CVSS 7.4
CVE-2019-1747
HIGH
Cisco IOS and IOS XE - Denial of Service via Malicious SMS PDU
CVSS 8.6
CVE-2019-1746
HIGH
Cisco IOS - Unauthenticated Denial of Service via Cluster Management Protocol Input Validation
CVSS 7.4
Details
Vulnerabilities
12,593
Exploit Likelihood
High