CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,596 vulnerabilities with CWE-20
CVE-2018-12543 HIGH
Eclipse Mosquitto 1.5.0-1.5.2 - Denial of Service via Invalid Topic String
CVSS 7.5
CVE-2018-9523 HIGH
Android 7.0-9 - Local Privilege Escalation via Parcel Serialization Mismatch
CVSS 7.8
CVE-2018-9347 MEDIUM
Android 7.0-9 - Denial of Service via SMF_ParseMetaEvent Infinite Loop
CVSS 6.5
CVE-2018-6078 MEDIUM
Google Chrome < 65.0.3325.146 - URL Spoofing via Confusable Characters in Omnibox
CVSS 4.3
CVE-2018-6074 HIGH
Google Chrome <65.0.3325.146 - CSRF
CVSS 8.8
CVE-2018-6068 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 4.3
CVE-2018-17472 CRITICAL
Google Chrome < 70.0.3538.67 - Sandbox Escape via googlechrome:// URL Scheme
CVSS 9.6
CVE-2018-19204 HIGH
PRTG Network Monitor <18.3.44.2054 - RCE
CVSS 8.8
CVE-2018-14644 MEDIUM
PowerDNS Recursor <4.1.4 - Info Disclosure
CVSS 5.3
CVE-2018-15450 MEDIUM
Cisco Prime Collaboration Assurance - Authenticated Arbitrary File Write via UI Input Field
CVSS 6.5
CVE-2018-15449 MEDIUM
Cisco Video Surveillance Media Server - Denial of Service via Malicious Link
CVSS 4.3
CVE-2018-19114 HIGH
MinDoc < 1.0.2 - Privilege Escalation via Image Upload Session ID Manipulation
CVSS 8.8
CVE-2018-6433 MEDIUM
Brocade Fabric OS < 7.4.2d - Unauthenticated File Copy Bypass via secryptocfg Export Command
CVSS 5.5
CVE-2018-16472 HIGH
cached-path-relative <=1.0.1 - Prototype Pollution via Input Validation Bypass
CVSS 7.5
CVE-2018-9362 HIGH
Android - Remote Denial of Service in InboundSmsHandler
CVSS 7.5
CVE-2018-15454 HIGH
Cisco Adaptive Security Appliance and Firepower Threat Defense - Denial of Service via SIP Traffic
CVSS 8.6
CVE-2018-14661 MEDIUM
GlusterFS 3.8.4 - Format String Attack
CVSS 6.5
CVE-2018-15324 MEDIUM
BIG-IP APM 13.0.0-13.1.1.1 - Denial of Service via Crafted APM Portal Access Request
CVSS 5.9
CVE-2018-15323 MEDIUM
F5 BIG-IP 13.0.0-13.1.1.1, 14.0.0-14.0.0.2 - Denial of Service via MQTT Profile Traffic Processing
CVSS 5.9
CVE-2018-15319 HIGH
BIG-IP <14.0.0.2, 13.1.1.1, 12.1.3.6 - DoS
CVSS 7.5
CVE-2018-15318 HIGH
BIG-IP 12.1.3.4-12.1.3.6 13.1.0.4-13.1.1.1 14.0.0-14.0.0.2 - Denial of Service via MPTCP Abort Signal
CVSS 7.5
CVE-2018-16469 HIGH
merge < 1.2.1 - Denial of Service via Prototype Pollution
CVSS 7.5
CVE-2018-10711 HIGH
ASRock RGBLED <1.0.35.1, A-Tuning/F-Stream <3.0.210, RestartToUEFI <1.0.6.2 - Ring-0 Code Execution via MSR
CVSS 7.8
CVE-2018-11873 HIGH
Snapdragon Mobile SD 845 - Buffer Overflow
CVSS 7.8
CVE-2018-11872 HIGH
Snapdragon Mobile <SD 845-SDA660 - Buffer Overflow
CVSS 7.8
Details
Vulnerabilities 12,596
Exploit Likelihood High