CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,596 vulnerabilities with CWE-20
CVE-2018-4338 MEDIUM
macOS < 10.14 - Improper Input Validation
CVSS 5.5
CVE-2018-4335 MEDIUM
iPhone OS < 12.0 - Improper Input Validation
CVSS 5.5
CVE-2018-4333 MEDIUM
iPhone OS < 12.0 and macOS < 10.14 - Improper Input Validation
CVSS 5.5
CVE-2018-4322 LOW
iPhone OS < 12.0 - Improper Input Validation
CVSS 3.3
CVE-2018-4321 MEDIUM
iPhone OS < 12.0 - Entitlement Verification Bypass via Improper Input Validation
CVSS 5.3
CVE-2018-4313 MEDIUM
iPhone OS < 12.0 - Improper Input Validation in Application Snapshot Handling
CVSS 5.5
CVE-2018-4307 MEDIUM
Safari < 12 - Logic Issue via State Management
CVSS 4.3
CVE-2018-4305 MEDIUM
iPhone OS < 12.0 - Improper Input Validation
CVSS 6.5
CVE-2018-4304 MEDIUM
iPhone OS < 12.0 - Denial of Service
CVSS 5.0
CVE-2018-4303 HIGH
iPhone OS < 12.1.1, macOS < 10.14, tvOS < 12.1.1, watchOS < 5.1.2 - Input Validation Issue
CVSS 7.8
CVE-2018-4295 CRITICAL
macOS < 10.14 - Input Validation Issue
CVSS 9.8
CVE-2018-4293 MEDIUM
iPhone OS < 11.4.1 - Cookie Management Issue
CVSS 5.3
CVE-2018-4279 MEDIUM
Safari < 11.1.2 - Inconsistent User Interface Issue
CVSS 5.3
CVE-2018-4274 HIGH
Safari < 11.1.2 and iOS < 11.4.1 - URL Spoofing via Improper Input Validation
CVSS 7.5
CVE-2018-4260 MEDIUM
Safari < 11.1.2 - Inconsistent User Interface via State Management
CVSS 6.5
CVE-2018-4195 MEDIUM
Safari < 12 - Inconsistent User Interface Issue
CVSS 6.5
CVE-2018-4053 MEDIUM
GOG Galaxy 1.2.47 - Local Denial of Service via Privileged Helper Tool
CVSS 5.5
CVE-2018-1640 HIGH
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 - Authenticated Remote Code Execution
CVSS 8.8
CVE-2018-20378 HIGH
OpenSynergy Blue SDK 3.2-6.0 - Unauthenticated Remote Code Execution via Malicious L2CAP Configuration Requests
CVSS 7.5
CVE-2018-19016 HIGH
Rockwell Automation EtherNet/IP Web Server Modules DoS via SNMP UDP Packet
CVSS 7.5
CVE-2018-19642 MEDIUM
Micro Focus Solutions Business Manager < 11.5 - Denial of Service
CVSS 5.1
CVE-2018-13798 HIGH
SICAM A8000 CP-8000/CP-802X < V14 and CP-8050 < V2.00 - Unauthenticated Denial of Service via Crafted Network Packets
CVSS 7.5
CVE-2018-20669 HIGH
Linux Kernel < 4.14.185 - Memory Corruption via i915_gem_execbuffer2_ioctl
CVSS 7.8
CVE-2018-20162 CRITICAL
Digi TransPort LR54 <4.4.0.26 - Privilege Escalation
CVSS 9.9
CVE-2018-19524 CRITICAL
Shenzhen Skyworth DT741 - DoS/Remote Code Execution
CVSS 9.8
Details
Vulnerabilities 12,596
Exploit Likelihood High