The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,593 vulnerabilities with CWE-20
CVE-2019-1743
HIGH
Cisco IOS XE - Authenticated Arbitrary File Write via Malicious File Upload
CVSS 8.8
CVE-2019-1741
HIGH
Cisco IOS XE - Denial of Service via Malformed IP Packet Handling
CVSS 7.5
CVE-2019-1740
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 8.6
CVE-2019-1739
HIGH
Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 7.5
CVE-2019-1738
HIGH
Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 7.5
CVE-2019-9917
MEDIUM
ZNC < 1.7.3-rc1 - Denial of Service via Invalid Encoding
CVSS 6.5
CVE-2019-10063
CRITICAL
flatpak < 1.0.8, 1.1.x-1.2.x < 1.2.4, 1.3.x < 1.3.1 - Sandbox Bypass via TIOCSTI ioctl Request
CVSS 9.0
CVE-2019-1766
HIGH
Cisco IP Phone 8800 Series Firmware < 12.5(1)SR1 - Denial of Service via Unrestricted File Size
CVSS 7.5
CVE-2019-1716
HIGH
Cisco IP Phone 7800/8800 Series < 12.5(1)SR1 - RCE via Malicious HTTP Credentials
CVSS 7.5
CVE-2019-3871
MEDIUM
PowerDNS Authoritative Server < 4.0.7 and < 4.1.7 - Denial of Service via HTTP Connector Remote Backend
CVSS 6.5
CVE-2019-6690
HIGH
python-gnupg 0.4.3 - Improper Input Validation
CVSS 7.5
CVE-2019-0271
MEDIUM
SAP ABAP Server and ABAP Platform - XML External Entity Injection via Untrusted XML Document
CVSS 6.5
CVE-2019-1616
HIGH
Cisco NX-OS 8.2-8.3(1) - Unauthenticated Denial of Service via Cisco Fabric Services Packet Buffer Overflow
CVSS 8.6
CVE-2019-1605
HIGH
Cisco NX-OS - Authenticated Remote Code Execution via NX-API HTTP/HTTPS Request
CVSS 7.8
CVE-2019-1598
HIGH
Cisco Firepower/NX-OS 2.3-8.2(1) DoS via LDAP BER Parsing
CVSS 8.6
CVE-2019-1597
HIGH
Cisco Firepower EOS 2.2.2.54-2.3.1.75 & NX-OS <8.2(1) DoS via LDAP BER Parsing
CVSS 8.6
CVE-2019-1594
HIGH
Cisco NX-OS < 5.2(1)SV3(1.4b) - Unauthenticated Denial of Service via EAPOL Frame Input Validation
CVSS 7.4
CVE-2019-1588
MEDIUM
Cisco NX-OS < 14.0(1h) - Authenticated Arbitrary File Read
CVSS 4.4
CVE-2019-0670
MEDIUM
Microsoft SharePoint Enterprise Server and Foundation - Spoofing via HTTP Content Parsing
CVSS 6.1
CVE-2019-0657
MEDIUM
.NET Framework and Visual Studio - URL Spoofing via Improper Input Validation
CVSS 5.9
CVE-2019-0635
MEDIUM
Windows Hyper-V - Authenticated Information Disclosure via Improper Input Validation
CVSS 6.2
CVE-2019-0604
CRITICAL
KEV
Microsoft SharePoint - Remote Code Execution via Application Package Source Markup
CVSS 9.8
CVE-2019-0594
HIGH
Microsoft SharePoint - Remote Code Execution via Application Package Source Markup
CVSS 8.8
CVE-2019-6219
HIGH
iPhone OS < 12.1.3, macOS < 10.14.3, watchOS < 5.1.3 - Denial of Service via Maliciously Crafted Message
CVSS 7.5
CVE-2019-6555
HIGH
Cscape < 9.80 SP4 - Remote Code Execution via Crafted POC File
CVSS 7.8
Details
Vulnerabilities
12,593
Exploit Likelihood
High