CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,593 vulnerabilities with CWE-20
CVE-2019-1988 HIGH
Android 8.0-9 - Remote Code Execution via SkSwizzler.cpp Improper Input Validation
CVSS 8.8
CVE-2019-1689 HIGH
Cisco Webex Teams < 3.13.26920 - Authenticated Arbitrary File Write via Malicious File Upload
CVSS 7.3
CVE-2019-1691 MEDIUM
Cisco Firepower Threat Defense < 6.2.3.4 - Unauthenticated Denial of Service via SSL/TLS Packet Header
CVSS 5.8
CVE-2019-8954 HIGH
Indexhibit 2.1.5 - Remote Code Execution via v Parameter in ndxzstudio System Action
CVSS 8.8
CVE-2019-5783 HIGH
Google Chrome < 72.0.3626.81 - Dangling Markup Injection via DevTools
CVSS 8.8
CVE-2019-5780 HIGH
Google Chrome < 72.0.3626.81 - Local JavaScript Execution via Apple Events
CVSS 7.8
CVE-2019-5769 HIGH
Google Chrome < 72.0.3626.81 - Remote Code Execution via Invalid End Character Position in Blink
CVSS 8.8
CVE-2019-0255 HIGH
SAP NetWeaver AS ABAP Platform Kernel 7.73-7.75 - Privilege Escalation via Improper Installation Type Validation
CVSS 8.1
CVE-2019-1676 MEDIUM
Cisco Meeting Server < 2.3.9 - Unauthenticated Denial of Service via SDP Message Processing
CVSS 6.8
CVE-2019-1680 MEDIUM
Cisco Webex Business Suite < 3.0.9 - Unauthenticated Arbitrary Text Injection via Malicious URL
CVSS 4.3
CVE-2019-1678 MEDIUM
Cisco Meeting Server < 2.4.3 - Authenticated Denial of Service via coSpace Configuration Parameters
CVSS 4.3
CVE-2019-7412 CRITICAL
PS PHPCaptcha WP <1.2.0 - Info Disclosure
CVSS 9.8
CVE-2019-1656 MEDIUM
Cisco Enterprise NFV Infrastructure Software - Authenticated Shell Access via CLI Input Validation Bypass
CVSS 5.3
CVE-2019-1652 HIGH KEV
Cisco RV320 and RV325 Firmware 1.4.2.15-1.4.2.21 - Authenticated Remote Code Execution via HTTP POST Request
CVSS 7.2
CVE-2019-1650 HIGH
Cisco SD-WAN Solution - Authenticated Arbitrary File Write via CLI Save Command
CVSS 8.8
CVE-2019-1648 HIGH
Cisco SD-WAN Solution - Authenticated Privilege Escalation via User Group Configuration
CVSS 7.8
CVE-2019-6339 CRITICAL
Drupal Core < 7.62 - Remote Code Execution via phar:// Stream Wrapper
CVSS 9.8
CVE-2019-3581 HIGH
McAfee Web Gateway 7.8.2.0-7.8.2.4 - Denial of Service via Crafted HTTP Request Parameter
CVSS 7.5
CVE-2019-5717 MEDIUM
Wireshark 2.4.0-2.4.11 and 2.6.0-2.6.5 - Denial of Service in P_MUL Dissector
CVSS 5.5
CVE-2019-5716 MEDIUM
Wireshark 2.6.0-2.6.5 - Denial of Service in 6LoWPAN Dissector
CVSS 5.5
CVE-2019-0551 HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2019-0550 HIGH
Windows Hyper-V - Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2018-25160 MEDIUM
HTTP::Session2 <=1.09 - Code Injection
CVSS 6.5
CVE-2018-7935 MEDIUM
Huawei E5573Cs-322 Firmware 21.328.01.00.00 - Denial of Service
CVSS 5.3
CVE-2018-25031 MEDIUM
Swagger UI < 4.1.3 - Server-Side Request Forgery via OpenAPI Definition URL
CVSS 4.3
Details
Vulnerabilities 12,593
Exploit Likelihood High