CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,596 vulnerabilities with CWE-20
CVE-2018-0043 HIGH
Juniper Junos OS - Remote Code Execution or Denial of Service via MPLS Packet Processing
CVSS 8.8
CVE-2018-8512 MEDIUM
Microsoft Edge - Security Feature Bypass via Content Security Policy Validation
CVSS 5.4
CVE-2018-8490 HIGH
Windows 10 and Windows Server 2016/2019 - Authenticated Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2018-8489 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Guest OS Input
CVSS 8.4
CVE-2018-8265 HIGH
Microsoft Exchange Server - Remote Code Execution via Crafted Email Message Parsing
CVSS 7.8
CVE-2018-12479 MEDIUM
Open Build Service <01b015ca2a320afc4fae823465d1e72da8bd60df - DoS
CVSS 6.5
CVE-2018-12478 MEDIUM
Open Build Service - Info Disclosure
CVSS 4.8
CVE-2018-12474 MEDIUM
tar_scm < 0.9.3 - Path Traversal and Arbitrary File Write
CVSS 5.4
CVE-2018-14656 HIGH
Linux Kernel < 4.18 - Unauthenticated Kernel Memory Leak via show_opcodes() Address Check Bypass
CVSS 7.0
CVE-2018-1000809 HIGH
privacyIDEA < 2.23.2 - Denial of Service via Token Validation API
CVSS 7.5
CVE-2018-18021 HIGH
Linux Kernel < 4.18.12 - Unauthenticated Denial of Service and Control Flow Hijack via KVM_SET_ON_REG ioctl
CVSS 7.1
CVE-2018-13042 MEDIUM
1Password 6.8 for Android - Denial of Service via OpenYolo Activity Export
CVSS 5.9
CVE-2018-15431 HIGH
Cisco Webex Meetings Server - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.3
CVE-2018-15430 HIGH
Cisco TelePresence Video Communication Server - Authenticated Remote Code Execution via Malicious Upgrade Package
CVSS 7.2
CVE-2018-15429 MEDIUM
Cisco HyperFlex HX Data Platform - Unauthenticated Sensitive Information Exposure via HTTP Request
CVSS 5.3
CVE-2018-15428 MEDIUM
Cisco IOS XR - Denial of Service via Malformed BGP Update Message
CVSS 6.8
CVE-2018-15425 MEDIUM
Cisco Identity Services Engine - Authenticated Remote Code Execution via Deserialization of Untrusted Data
CVSS 4.7
CVE-2018-15424 MEDIUM
Cisco Identity Services Engine - Authenticated Remote Command Execution via Unrestricted File Upload
CVSS 4.7
CVE-2018-15422 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15421 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15420 HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15419 HIGH
Cisco Webex Meetings Online < 1.3.38 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15418 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15417 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15416 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
Details
Vulnerabilities 12,596
Exploit Likelihood High