The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,596 vulnerabilities with CWE-20
CVE-2018-0043
HIGH
Juniper Junos OS - Remote Code Execution or Denial of Service via MPLS Packet Processing
CVSS 8.8
CVE-2018-8512
MEDIUM
Microsoft Edge - Security Feature Bypass via Content Security Policy Validation
CVSS 5.4
CVE-2018-8490
HIGH
Windows 10 and Windows Server 2016/2019 - Authenticated Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
CVE-2018-8489
HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Guest OS Input
CVSS 8.4
CVE-2018-8265
HIGH
Microsoft Exchange Server - Remote Code Execution via Crafted Email Message Parsing
CVSS 7.8
CVE-2018-12479
MEDIUM
Open Build Service <01b015ca2a320afc4fae823465d1e72da8bd60df - DoS
CVSS 6.5
CVE-2018-12478
MEDIUM
Open Build Service - Info Disclosure
CVSS 4.8
CVE-2018-12474
MEDIUM
tar_scm < 0.9.3 - Path Traversal and Arbitrary File Write
CVSS 5.4
CVE-2018-14656
HIGH
Linux Kernel < 4.18 - Unauthenticated Kernel Memory Leak via show_opcodes() Address Check Bypass
CVSS 7.0
CVE-2018-1000809
HIGH
privacyIDEA < 2.23.2 - Denial of Service via Token Validation API
CVSS 7.5
CVE-2018-18021
HIGH
Linux Kernel < 4.18.12 - Unauthenticated Denial of Service and Control Flow Hijack via KVM_SET_ON_REG ioctl
CVSS 7.1
CVE-2018-13042
MEDIUM
1Password 6.8 for Android - Denial of Service via OpenYolo Activity Export
CVSS 5.9
CVE-2018-15431
HIGH
Cisco Webex Meetings Server - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.3
CVE-2018-15430
HIGH
Cisco TelePresence Video Communication Server - Authenticated Remote Code Execution via Malicious Upgrade Package
CVSS 7.2
CVE-2018-15429
MEDIUM
Cisco HyperFlex HX Data Platform - Unauthenticated Sensitive Information Exposure via HTTP Request
CVSS 5.3
CVE-2018-15428
MEDIUM
Cisco IOS XR - Denial of Service via Malformed BGP Update Message
CVSS 6.8
CVE-2018-15425
MEDIUM
Cisco Identity Services Engine - Authenticated Remote Code Execution via Deserialization of Untrusted Data
CVSS 4.7
CVE-2018-15424
MEDIUM
Cisco Identity Services Engine - Authenticated Remote Command Execution via Unrestricted File Upload
CVSS 4.7
CVE-2018-15422
HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15421
HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15420
HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15419
HIGH
Cisco Webex Meetings Online < 1.3.38 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15418
HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15417
HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15416
HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
Details
Vulnerabilities
12,596
Exploit Likelihood
High