CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,593 vulnerabilities with CWE-20
CVE-2019-1743 HIGH
Cisco IOS XE - Authenticated Arbitrary File Write via Malicious File Upload
CVSS 8.8
CVE-2019-1741 HIGH
Cisco IOS XE - Denial of Service via Malformed IP Packet Handling
CVSS 7.5
CVE-2019-1740 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 8.6
CVE-2019-1739 HIGH
Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 7.5
CVE-2019-1738 HIGH
Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
CVSS 7.5
CVE-2019-9917 MEDIUM
ZNC < 1.7.3-rc1 - Denial of Service via Invalid Encoding
CVSS 6.5
CVE-2019-10063 CRITICAL
flatpak < 1.0.8, 1.1.x-1.2.x < 1.2.4, 1.3.x < 1.3.1 - Sandbox Bypass via TIOCSTI ioctl Request
CVSS 9.0
CVE-2019-1766 HIGH
Cisco IP Phone 8800 Series Firmware < 12.5(1)SR1 - Denial of Service via Unrestricted File Size
CVSS 7.5
CVE-2019-1716 HIGH
Cisco IP Phone 7800/8800 Series < 12.5(1)SR1 - RCE via Malicious HTTP Credentials
CVSS 7.5
CVE-2019-3871 MEDIUM
PowerDNS Authoritative Server < 4.0.7 and < 4.1.7 - Denial of Service via HTTP Connector Remote Backend
CVSS 6.5
CVE-2019-6690 HIGH
python-gnupg 0.4.3 - Improper Input Validation
CVSS 7.5
CVE-2019-0271 MEDIUM
SAP ABAP Server and ABAP Platform - XML External Entity Injection via Untrusted XML Document
CVSS 6.5
CVE-2019-1616 HIGH
Cisco NX-OS 8.2-8.3(1) - Unauthenticated Denial of Service via Cisco Fabric Services Packet Buffer Overflow
CVSS 8.6
CVE-2019-1605 HIGH
Cisco NX-OS - Authenticated Remote Code Execution via NX-API HTTP/HTTPS Request
CVSS 7.8
CVE-2019-1598 HIGH
Cisco Firepower/NX-OS 2.3-8.2(1) DoS via LDAP BER Parsing
CVSS 8.6
CVE-2019-1597 HIGH
Cisco Firepower EOS 2.2.2.54-2.3.1.75 & NX-OS <8.2(1) DoS via LDAP BER Parsing
CVSS 8.6
CVE-2019-1594 HIGH
Cisco NX-OS < 5.2(1)SV3(1.4b) - Unauthenticated Denial of Service via EAPOL Frame Input Validation
CVSS 7.4
CVE-2019-1588 MEDIUM
Cisco NX-OS < 14.0(1h) - Authenticated Arbitrary File Read
CVSS 4.4
CVE-2019-0670 MEDIUM
Microsoft SharePoint Enterprise Server and Foundation - Spoofing via HTTP Content Parsing
CVSS 6.1
CVE-2019-0657 MEDIUM
.NET Framework and Visual Studio - URL Spoofing via Improper Input Validation
CVSS 5.9
CVE-2019-0635 MEDIUM
Windows Hyper-V - Authenticated Information Disclosure via Improper Input Validation
CVSS 6.2
CVE-2019-0604 CRITICAL KEV
Microsoft SharePoint - Remote Code Execution via Application Package Source Markup
CVSS 9.8
CVE-2019-0594 HIGH
Microsoft SharePoint - Remote Code Execution via Application Package Source Markup
CVSS 8.8
CVE-2019-6219 HIGH
iPhone OS < 12.1.3, macOS < 10.14.3, watchOS < 5.1.3 - Denial of Service via Maliciously Crafted Message
CVSS 7.5
CVE-2019-6555 HIGH
Cscape < 9.80 SP4 - Remote Code Execution via Crafted POC File
CVSS 7.8
Details
Vulnerabilities 12,593
Exploit Likelihood High