The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,596 vulnerabilities with CWE-20
CVE-2018-11864
MEDIUM
Qualcomm Snapdragon Firmware - Unauthorized Fuse Memory Write from Secure Region
CVSS 5.5
CVE-2018-1945
MEDIUM
IBM Security Identity Governance and Intelligence <5.2.4.1 - CSRF
CVSS 6.1
CVE-2018-20782
HIGH
GloBee WooCommerce < 1.1.2 - Improper Input Validation in IPN Message Handling
CVSS 7.5
CVE-2018-6267
HIGH
Android - Denial of Service or Privilege Escalation via NVIDIA Tegra OpenMax Driver Input Validation
CVSS 7.8
CVE-2018-19008
HIGH
ABB CP400 Panel Builder < 2.0.7.05 - Remote Code Execution via TextEditor File Parser
CVSS 7.8
CVE-2018-5499
HIGH
ATTO FibreBridge 7500N Firmware 2.95 - Denial of Service
CVSS 7.5
CVE-2018-12549
CRITICAL
Eclipse OpenJ9 <0.11.0 - Memory Corruption
CVSS 9.8
CVE-2018-12547
CRITICAL
Eclipse OpenJ9 <0.12.0 - Buffer Overflow
CVSS 9.8
CVE-2018-11847
HIGH
Snapdragon Auto- Snapdragon Compute - Memory Corruption
CVSS 7.8
CVE-2018-20771
CRITICAL
Xerox WorkCentre 3655/3655i/58XX/58XXi/59XX/59XXi - Unauthenticated Remote Command Execution
CVSS 9.8
CVE-2018-20767
HIGH
Xerox WorkCentre Multiple Models < R18-05 073.xxx.0487.15000 - Authenticated RCE
CVSS 8.8
CVE-2018-15778
HIGH
Dell Networking OS10 < 10.4.2.1 - Command Injection via CLI Input
CVSS 8.8
CVE-2018-18988
HIGH
LCDS Laquis SCADA < 4.1.0.4150 - Remote Code Execution via Crafted Report File
CVSS 8.8
CVE-2018-5498
MEDIUM
Clustered Data ONTAP 9.0-9.4 - Authenticated Denial of Service in NFS and SMB Environments
CVSS 4.4
CVE-2018-6241
HIGH
Android NVIDIA Tegra Gralloc - Arbitrary Code Execution via Unvalidated Registerbuffer API Parameter
CVSS 7.8
CVE-2018-15136
MEDIUM
TitanHQ SpamTitan <7.01 - Info Disclosure
CVSS 5.3
CVE-2018-19010
MEDIUM
Draeger Infinity Delta, Delta XL, Kappa, and Infinity Explorer C700 - Denial of Service via Malformed Network Packet
CVSS 6.5
CVE-2018-16889
MEDIUM
Ceph < 13.2.4 - Sensitive Information Disclosure in Debug Logging
CVSS 5.5
CVE-2018-20743
HIGH
Mumble < 1.2.19 - Denial of Service via Message Flood
CVSS 7.5
CVE-2018-5869
HIGH
Qualcomm Snapdragon Mobile and Snapdragon Wear - Memory Corruption in QTEE Keymaster
CVSS 7.8
CVE-2018-11999
MEDIUM
Qualcomm Snapdragon Firmware - Denial of Service via TrustZone Input Validation
CVSS 5.5
CVE-2018-20720
HIGH
ABB Relion 630 Firmware 1.1-1.1.0.C0, 1.2-1.2.0.B3, 1.3-1.3.0.A6 - Denial of Service via SPA Message
CVSS 7.5
CVE-2018-4277
HIGH
Safari < 11.1.1 - URL Spoofing via Improper Input Validation
CVSS 7.5
CVE-2018-4254
CRITICAL
macOS High Sierra < 10.13.5 - Kernel Input Validation Issue
CVSS 9.8
CVE-2018-4213
HIGH
Safari < 11.1 - Denial of Service via ASSERT Failure
CVSS 8.8
Details
Vulnerabilities
12,596
Exploit Likelihood
High