The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,593 vulnerabilities with CWE-20
CVE-2019-1988
HIGH
Android 8.0-9 - Remote Code Execution via SkSwizzler.cpp Improper Input Validation
CVSS 8.8
CVE-2019-1689
HIGH
Cisco Webex Teams < 3.13.26920 - Authenticated Arbitrary File Write via Malicious File Upload
CVSS 7.3
CVE-2019-1691
MEDIUM
Cisco Firepower Threat Defense < 6.2.3.4 - Unauthenticated Denial of Service via SSL/TLS Packet Header
CVSS 5.8
CVE-2019-8954
HIGH
Indexhibit 2.1.5 - Remote Code Execution via v Parameter in ndxzstudio System Action
CVSS 8.8
CVE-2019-5783
HIGH
Google Chrome < 72.0.3626.81 - Dangling Markup Injection via DevTools
CVSS 8.8
CVE-2019-5780
HIGH
Google Chrome < 72.0.3626.81 - Local JavaScript Execution via Apple Events
CVSS 7.8
CVE-2019-5769
HIGH
Google Chrome < 72.0.3626.81 - Remote Code Execution via Invalid End Character Position in Blink
CVSS 8.8
CVE-2019-0255
HIGH
SAP NetWeaver AS ABAP Platform Kernel 7.73-7.75 - Privilege Escalation via Improper Installation Type Validation
CVSS 8.1
CVE-2019-1676
MEDIUM
Cisco Meeting Server < 2.3.9 - Unauthenticated Denial of Service via SDP Message Processing
CVSS 6.8
CVE-2019-1680
MEDIUM
Cisco Webex Business Suite < 3.0.9 - Unauthenticated Arbitrary Text Injection via Malicious URL
CVSS 4.3
CVE-2019-1678
MEDIUM
Cisco Meeting Server < 2.4.3 - Authenticated Denial of Service via coSpace Configuration Parameters
CVSS 4.3
CVE-2019-7412
CRITICAL
PS PHPCaptcha WP <1.2.0 - Info Disclosure
CVSS 9.8
CVE-2019-1656
MEDIUM
Cisco Enterprise NFV Infrastructure Software - Authenticated Shell Access via CLI Input Validation Bypass
CVSS 5.3
CVE-2019-1652
HIGH
KEV
Cisco RV320 and RV325 Firmware 1.4.2.15-1.4.2.21 - Authenticated Remote Code Execution via HTTP POST Request
CVSS 7.2
CVE-2019-1650
HIGH
Cisco SD-WAN Solution - Authenticated Arbitrary File Write via CLI Save Command
CVSS 8.8
CVE-2019-1648
HIGH
Cisco SD-WAN Solution - Authenticated Privilege Escalation via User Group Configuration
CVSS 7.8
CVE-2019-6339
CRITICAL
Drupal Core < 7.62 - Remote Code Execution via phar:// Stream Wrapper
CVSS 9.8
CVE-2019-3581
HIGH
McAfee Web Gateway 7.8.2.0-7.8.2.4 - Denial of Service via Crafted HTTP Request Parameter
CVSS 7.5
CVE-2019-5717
MEDIUM
Wireshark 2.4.0-2.4.11 and 2.6.0-2.6.5 - Denial of Service in P_MUL Dissector
CVSS 5.5
CVE-2019-5716
MEDIUM
Wireshark 2.6.0-2.6.5 - Denial of Service in 6LoWPAN Dissector
CVSS 5.5
CVE-2019-0551
HIGH
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2019-0550
HIGH
Windows Hyper-V - Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2018-25160
MEDIUM
HTTP::Session2 <=1.09 - Code Injection
CVSS 6.5
CVE-2018-7935
MEDIUM
Huawei E5573Cs-322 Firmware 21.328.01.00.00 - Denial of Service
CVSS 5.3
CVE-2018-25031
MEDIUM
Swagger UI < 4.1.3 - Server-Side Request Forgery via OpenAPI Definition URL
CVSS 4.3
Details
Vulnerabilities
12,593
Exploit Likelihood
High