CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,596 vulnerabilities with CWE-20
CVE-2018-19295 HIGH
Sylabs Singularity <2.7 - Info Disclosure
CVSS 7.8
CVE-2018-20168 MEDIUM
gVisor < 2018-08-22 - Denial of Service via Pagetable Reuse
CVSS 5.5
CVE-2018-20159 HIGH
i-doit 1.11.2 - Authenticated Remote Code Execution via Plugin ZIP Upload
CVSS 7.2
CVE-2018-20156 HIGH
WP Maintenance Mode <2.0.7 - Authenticated RCE
CVSS 7.2
CVE-2018-20152 MEDIUM
WordPress <4.9.9 & <5.0.1 - Auth Bypass
CVSS 6.5
CVE-2018-1977 MEDIUM
IBM DB2 for Linux, UNIX and Windows 11.1 - DoS
CVSS 5.3
CVE-2018-16875 MEDIUM
Go <1.10.6/1.11.x - DoS
CVSS 5.9
CVE-2018-16874 HIGH
Go <1.10.6, 1.11.x <1.11.3 - Path Traversal
CVSS 8.1
CVE-2018-16873 HIGH
Go <1.10.6, <1.11.3 - Remote Code Execution
CVSS 8.1
CVE-2018-16556 HIGH
SIMATIC S7-400 CPU family - Denial of Service via Crafted Packets to Port 102/tcp
CVSS 7.5
CVE-2018-13814 HIGH
SIMATIC HMI and WinCC < V14 - HTTP Header Injection via Integrated Web Server
CVSS 8.8
CVE-2018-20127 HIGH
zzzphp 1.5.8 - Arbitrary File Deletion via Mixed-Case Extension Bypass
CVSS 7.5
CVE-2018-1478 MEDIUM
IBM BigFix Platform <9.2.14, <9.5.9 - CSRF
CVSS 6.1
CVE-2018-8635 HIGH
Microsoft SharePoint Server - Privilege Escalation
CVSS 8.8
CVE-2018-8612 MEDIUM
Windows 10 and Windows Server 2016/2019 - Denial of Service in Connected User Experiences and Telemetry Service
CVSS 5.5
CVE-2018-18358 MEDIUM
Google Chrome < 71.0.3578.80 - Localhost Proxy via WPAD File
CVSS 5.7
CVE-2018-18354 HIGH
Chrome < 71.0.3578.80 - External Program Launch via Shell Integration
CVSS 8.8
CVE-2018-18351 MEDIUM
Google Chrome < 71.0.3578.80 - SameSite Cookie Policy Bypass via Lax Cookie Handling
CVSS 6.5
CVE-2018-18347 HIGH
Google Chrome < 71.0.3578.80 - Remote Code Execution via Failed Navigation Handling
CVSS 8.8
CVE-2018-1652 MEDIUM
IBM DataPower Gateway <7.6.0.3 - DoS
CVSS 6.2
CVE-2018-20051 HIGH
Jooan JA-Q1H Wi-Fi camera 21.0.0.91 - DoS
CVSS 7.5
CVE-2018-20001 MEDIUM
Libav 12.3 - Denial of Service via Floating Point Exception in range_decode_culshift
CVSS 6.5
CVE-2018-19980 HIGH
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 - DoS
CVSS 7.5
CVE-2018-19967 MEDIUM
Xen < 4.11.1 - Denial of Service via HLE Transaction Mishandling
CVSS 6.5
CVE-2018-19960 HIGH
OnionShare <1.3.1 - Info Disclosure
CVSS 7.0
Details
Vulnerabilities 12,596
Exploit Likelihood High