The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,596 vulnerabilities with CWE-20
CVE-2018-20614
HIGH
CIM 0.9.3 - Unauthenticated Application Reload via Install Endpoint
CVSS 7.5
CVE-2018-14988
HIGH
MXQ TV Box Firmware 4.4.2 - Denial of Service via SystemRestoreReceiver Broadcast
CVSS 7.5
CVE-2018-20575
HIGH
Orange ARV7519RW22 Livebox 2.1 Firmware - Improper Input Validation in Firmware Update Mechanism
CVSS 7.5
CVE-2018-5203
CRITICAL
DEXTUploadX5 1.0.0.0-2.2.0.0 - Remote Code Execution via ActiveX Method Argument Manipulation
CVSS 9.8
CVE-2018-20551
MEDIUM
Poppler 0.72.0 - Denial of Service via Invalid Rich Media Annotation
CVSS 6.5
CVE-2018-20539
MEDIUM
liblas 1.8.1 - Denial of Service via SpatialReference GetGTIF Function
CVSS 6.5
CVE-2018-20519
HIGH
74cms v4.2.111 - Authenticated Arbitrary Resume Read and Modify via Personal Basic Info Update
CVSS 8.1
CVE-2018-20404
HIGH
VIA Technologies EPIA-E900 Firmware - Denial of Service via ETK_E900.sys IOCTL 0x9C402048
CVSS 7.5
CVE-2018-19869
MEDIUM
Qt < 5.11.3 - Denial of Service via Malformed SVG Image
CVSS 6.5
CVE-2018-7832
HIGH
Pro-Face GP-Pro EX <4.08 - Code Injection
CVSS 8.8
CVE-2018-20424
MEDIUM
DiscuzX 3.4 - Unauthenticated Data Deletion via WeChat Unbind Request
CVSS 5.9
CVE-2018-19005
HIGH
Cscape <= 9.80.75.3 SP3 - Remote Code Execution via Crafted POC File
CVSS 7.8
CVE-2018-1000883
MEDIUM
Elixir Plug Plug <1.3.5 - Header Injection
CVSS 6.5
CVE-2018-15330
HIGH
BIG-IP <14.0.0.2, 13.1.1.1, 12.1.3.7 - DoS
CVSS 7.5
CVE-2018-1000873
MEDIUM
jackson-modules-java8 < 2.9.8 - Denial of Service via Large Nanoseconds Field in Time Value
CVSS 6.5
CVE-2018-1000849
HIGH
Alpine Linux <2.6.10, 2.7.6, 2.10.1 - Remote Code Execution
CVSS 8.8
CVE-2018-1000815
MEDIUM
Brave <0.24.0 - Script Execution Despite Blocked Setting
CVSS 4.3
CVE-2018-5199
HIGH
wizvera Veraport G3 - Unauthenticated Arbitrary File Write via Insufficient Domain Validation
CVSS 8.8
CVE-2018-20301
MEDIUM
Steve Pallen Coherence <0.5.2 - Mass Assignment
CVSS 6.5
CVE-2018-11799
MEDIUM
Apache Oozie <5.0.0 - Privilege Escalation
CVSS 6.5
CVE-2018-18999
HIGH
Advantech WebAccess/SCADA - Stack-Based Buffer Overflow via Improper Input Validation
CVSS 7.3
CVE-2018-17194
HIGH
Apache NiFi 1.0.0-1.7.1 - Denial of Service via DELETE Request Content-Length Handling
CVSS 7.5
CVE-2018-19522
MEDIUM
DriverAgent 2.2015.7.14 - Memory Corruption
CVSS 5.5
CVE-2018-20189
MEDIUM
GraphicsMagick 1.3.31 - Denial of Service via Crafted DIB File
CVSS 6.5
CVE-2018-19936
MEDIUM
PrinterOn Enterprise 4.1.4 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities
12,596
Exploit Likelihood
High