The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,596 vulnerabilities with CWE-20
CVE-2018-20580
HIGH
SmartBear ReadyAPI 2.5.0-2.6.0 - Remote Code Execution via WSDL Import
CVSS 8.8
CVE-2018-2015
MEDIUM
IBM API Connect < 2018.4.1.4 - Improper Input Validation
CVSS 6.4
CVE-2018-20835
HIGH
tar-fs < 1.16.2 - Arbitrary File Overwrite via Hardlink and Plain File Extraction
CVSS 7.5
CVE-2018-15003
HIGH
Coolpad Defiant and T-Mobile Revvl Plus Firmware - Unauthenticated Factory Reset via UiccReceiver Broadcast Receiver
CVSS 7.5
CVE-2018-14994
HIGH
Essential Phone Android - Privilege Escalation
CVSS 7.5
CVE-2018-14991
CRITICAL
Coolpad Defiant, ZTE ZMAX Pro, and T-Mobile REVVL Plus - Pre-installed RCS App Arbitrary SMS Access
CVSS 9.8
CVE-2018-14990
HIGH
Coolpad Defiant, ZTE ZMAX Pro, T-Mobile Revvl Plus - RCE
CVSS 7.5
CVE-2018-14989
HIGH
Plum Compass Android - Privilege Escalation
CVSS 7.5
CVE-2018-14983
MEDIUM
Sony Xperia L1 Firmware - Unauthenticated Screenshot Capture and Notification Exposure via Broadcast Receiver
CVSS 5.5
CVE-2018-20823
HIGH
Xiaomi Mi 5s Firmware - Denial of Service via MEMS Ultrasound Attack
CVSS 7.5
CVE-2018-7577
HIGH
Google Snappy 1.1.4 - Memory Corruption via Memcpy Parameter Overlap
CVSS 8.1
CVE-2018-0248
MEDIUM
Cisco Wireless LAN Controller Software < 8.3.150.0 - Authenticated Denial of Service via GUI Configuration Input
CVSS 6.8
CVE-2018-4007
HIGH
Shimo VPN 4.1.5.1 - Privilege Escalation via DeleteConfig Functionality
CVSS 7.1
CVE-2018-4006
HIGH
Shimo VPN 4.1.5.1 - Privilege Escalation via writeConfig Functionality
CVSS 7.8
CVE-2018-4005
HIGH
Shimo VPN 4.1.5.1 - Privilege Escalation via configureRoutingWithCommand Function
CVSS 7.8
CVE-2018-4004
MEDIUM
Shimo VPN 4.1.5.1 - Privilege Escalation via DisconnectService Helper
CVSS 5.5
CVE-2018-16561
HIGH
SIMATIC S7-300 CPUs < V3.X.16 - Unauthenticated Denial of Service via S7 Communication Packet
CVSS 7.5
CVE-2018-16559
HIGH
SIMATIC S7-1500 CPU < V2.5 and <= V1.8.5 - Unauthenticated Denial of Service via Crafted Network Packets
CVSS 7.5
CVE-2018-16558
HIGH
SIMATIC S7-1500 CPU < 1.8.5 - Unauthenticated Denial of Service via Crafted Network Packets
CVSS 7.5
CVE-2018-20487
HIGH
Inteno IOPSYS 1.0-3.16 - Remote Code Execution via Firewall Include Path Injection
CVSS 8.8
CVE-2018-19300
CRITICAL
D-Link DAP-1530, DAP-1610, DWR-111, DWR-116, DWR-512, DWR-711, DWR-712, DWR-921 - RCE via EXCU_SHELL URI
CVSS 9.8
CVE-2018-11966
HIGH
Snapdragon Auto/Mobile/Compute/Wearables - Memory Corruption
CVSS 7.8
CVE-2018-11830
HIGH
Qualcomm MDM9206/9607/9650/9655, MSM8996AU, SD 410/12/820A Firmware Integer Overflow
CVSS 7.8
CVE-2018-4462
MEDIUM
macOS < 10.14.2 - Improper Input Validation
CVSS 5.5
CVE-2018-4460
MEDIUM
iPhone OS < 12.1.1 - Denial of Service
CVSS 6.5
Details
Vulnerabilities
12,596
Exploit Likelihood
High