CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,596 vulnerabilities with CWE-20
CVE-2018-11864 MEDIUM
Qualcomm Snapdragon Firmware - Unauthorized Fuse Memory Write from Secure Region
CVSS 5.5
CVE-2018-1945 MEDIUM
IBM Security Identity Governance and Intelligence <5.2.4.1 - CSRF
CVSS 6.1
CVE-2018-20782 HIGH
GloBee WooCommerce < 1.1.2 - Improper Input Validation in IPN Message Handling
CVSS 7.5
CVE-2018-6267 HIGH
Android - Denial of Service or Privilege Escalation via NVIDIA Tegra OpenMax Driver Input Validation
CVSS 7.8
CVE-2018-19008 HIGH
ABB CP400 Panel Builder < 2.0.7.05 - Remote Code Execution via TextEditor File Parser
CVSS 7.8
CVE-2018-5499 HIGH
ATTO FibreBridge 7500N Firmware 2.95 - Denial of Service
CVSS 7.5
CVE-2018-12549 CRITICAL
Eclipse OpenJ9 <0.11.0 - Memory Corruption
CVSS 9.8
CVE-2018-12547 CRITICAL
Eclipse OpenJ9 <0.12.0 - Buffer Overflow
CVSS 9.8
CVE-2018-11847 HIGH
Snapdragon Auto- Snapdragon Compute - Memory Corruption
CVSS 7.8
CVE-2018-20771 CRITICAL
Xerox WorkCentre 3655/3655i/58XX/58XXi/59XX/59XXi - Unauthenticated Remote Command Execution
CVSS 9.8
CVE-2018-20767 HIGH
Xerox WorkCentre Multiple Models < R18-05 073.xxx.0487.15000 - Authenticated RCE
CVSS 8.8
CVE-2018-15778 HIGH
Dell Networking OS10 < 10.4.2.1 - Command Injection via CLI Input
CVSS 8.8
CVE-2018-18988 HIGH
LCDS Laquis SCADA < 4.1.0.4150 - Remote Code Execution via Crafted Report File
CVSS 8.8
CVE-2018-5498 MEDIUM
Clustered Data ONTAP 9.0-9.4 - Authenticated Denial of Service in NFS and SMB Environments
CVSS 4.4
CVE-2018-6241 HIGH
Android NVIDIA Tegra Gralloc - Arbitrary Code Execution via Unvalidated Registerbuffer API Parameter
CVSS 7.8
CVE-2018-15136 MEDIUM
TitanHQ SpamTitan <7.01 - Info Disclosure
CVSS 5.3
CVE-2018-19010 MEDIUM
Draeger Infinity Delta, Delta XL, Kappa, and Infinity Explorer C700 - Denial of Service via Malformed Network Packet
CVSS 6.5
CVE-2018-16889 MEDIUM
Ceph < 13.2.4 - Sensitive Information Disclosure in Debug Logging
CVSS 5.5
CVE-2018-20743 HIGH
Mumble < 1.2.19 - Denial of Service via Message Flood
CVSS 7.5
CVE-2018-5869 HIGH
Qualcomm Snapdragon Mobile and Snapdragon Wear - Memory Corruption in QTEE Keymaster
CVSS 7.8
CVE-2018-11999 MEDIUM
Qualcomm Snapdragon Firmware - Denial of Service via TrustZone Input Validation
CVSS 5.5
CVE-2018-20720 HIGH
ABB Relion 630 Firmware 1.1-1.1.0.C0, 1.2-1.2.0.B3, 1.3-1.3.0.A6 - Denial of Service via SPA Message
CVSS 7.5
CVE-2018-4277 HIGH
Safari < 11.1.1 - URL Spoofing via Improper Input Validation
CVSS 7.5
CVE-2018-4254 CRITICAL
macOS High Sierra < 10.13.5 - Kernel Input Validation Issue
CVSS 9.8
CVE-2018-4213 HIGH
Safari < 11.1 - Denial of Service via ASSERT Failure
CVSS 8.8
Details
Vulnerabilities 12,596
Exploit Likelihood High