The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,596 vulnerabilities with CWE-20
CVE-2018-6161
HIGH
Google Chrome < 68.0.3440.75 - Same Origin Policy Bypass via Crafted HTML Page
CVSS 8.8
CVE-2018-6138
HIGH
Google Chrome <67.0.3396.62 - Privilege Escalation
CVSS 8.1
CVE-2018-6121
HIGH
Google Chrome <66.0.3359.170 - Privilege Escalation
CVSS 8.8
CVE-2018-17460
MEDIUM
Google Chrome <68.0.3440.75 - Info Disclosure
CVSS 6.5
CVE-2018-16064
MEDIUM
Chrome < 68.0.3440.75 - Navigation Restriction Bypass via Malicious Extension
CVSS 6.5
CVE-2018-20846
MEDIUM
OpenJPEG < 2.3.0 - Denial of Service via Out-of-Bounds Access in pi.c Functions
CVSS 6.5
CVE-2018-15735
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Arbitrary Write via IOCtl 0x8000206F
CVSS 5.5
CVE-2018-15734
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Arbitrary Write via szkg64.sys IOCtl 0x8000206B
CVSS 5.5
CVE-2018-15732
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Arbitrary Write via szkg64.sys IOCtl 0x80002063
CVSS 5.5
CVE-2018-15731
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Denial of Service via IOCtl 0x8000205B
CVSS 5.5
CVE-2018-15730
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Denial of Service via IOCtl 0x80002067
CVSS 5.5
CVE-2018-15729
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Denial of Service via szkg64.sys IOCtl 0x8000204B
CVSS 5.5
CVE-2018-15747
CRITICAL
glot-www < 2018-05-19 - Remote Code Execution via Python Files Content JSON
CVSS 9.8
CVE-2018-15737
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Denial of Service via IOCtl 0x80002043
CVSS 5.5
CVE-2018-15736
MEDIUM
STOPzilla AntiMalware 6.5.2.59 - Denial of Service via IOCtl 0x8000204F
CVSS 5.5
CVE-2018-18878
HIGH
Columbia Weather MicroServer Firmware MS_2.6.9900 - Denial of Service via BACnet Daemon Input Validation
CVSS 7.5
CVE-2018-20013
HIGH
UrBackup 2.2.6 - Denial of Service via Malformed Network Request
CVSS 7.5
CVE-2018-13906
CRITICAL
Snapdragon Auto- Snapdragon Compute - Timing Side Channel Analysis
CVSS 9.1
CVE-2018-10947
LOW
Polycom RealPresence Debut Firmware < 1.3.2 - Improper Input Validation
CVSS 3.1
CVE-2018-12147
MEDIUM
Intel <11.21.55 - Privilege Escalation
CVSS 6.7
CVE-2018-9839
MEDIUM
MantisBT < 1.3.14 and 2.0.0 - Authenticated Private Issue Data Exposure via Cloning
CVSS 6.5
CVE-2018-14729
HIGH
Discuz! 1.5-2.5 - Remote Code Execution via Database Backup Feature
CVSS 8.8
CVE-2018-12270
MEDIUM
Valve Steam <1528829181 BETA - CSRF
CVSS 5.4
CVE-2018-18558
MEDIUM
Espressif ESP-IDF 2.x-3.x < 3.0.6 - Arbitrary Code Execution via Bootloader Input Validation Bypass
CVSS 6.4
CVE-2018-6243
HIGH
Android - Arbitrary Code Execution via Widevine Trust Application Input Validation
CVSS 7.8
Details
Vulnerabilities
12,596
Exploit Likelihood
High