CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,597 vulnerabilities with CWE-20
CVE-2018-15416 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15415 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15414 HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15413 HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15412 HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15411 HIGH
Cisco Webex Network Recording Player and Webex Player - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2018-15410 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15409 HIGH
Cisco Webex Meetings <1.3.37 & Webex Business Suite <31.23.4 - RCE via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15408 HIGH
Cisco Webex Meetings Online < 1.3.37 - Remote Code Execution via Malicious ARF/WRF File
CVSS 7.8
CVE-2018-15387 CRITICAL
Cisco SD-WAN Solution - Auth Bypass
CVSS 9.8
CVE-2018-15369 MEDIUM
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Crafted TACACS+ Response
CVSS 6.8
CVE-2018-15368 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.7
CVE-2018-0485 HIGH
Cisco IOS - Unauthenticated Denial of Service via SM-1T3/E3 Module Console Input
CVSS 8.6
CVE-2018-0475 HIGH
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Cluster Management Protocol Message Handling
CVSS 7.4
CVE-2018-0472 HIGH
Cisco IOS XE - Denial of Service via Malformed IPsec AH/ESP Packets
CVSS 8.6
CVE-2018-0467 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via IPv6 Hop-by-Hop Option Handling
CVSS 8.6
CVE-2018-0462 MEDIUM
Cisco Enterprise NFV Infrastructure Software - Denial of Service via User Management Operations
CVSS 4.9
CVE-2018-0447 MEDIUM
Cisco Email Security Appliance - Unauthenticated URL Filter Bypass via SPF Message Validation
CVSS 5.3
CVE-2018-0440 HIGH
Cisco Data Center Network Manager < 11.0(1) - Authenticated Remote Code Execution via HTTP Request
CVSS 7.2
CVE-2018-0438 HIGH
Cisco Umbrella Enterprise Roaming Client < 2.1.127 Privilege Escalation via File Permission Bypass
CVSS 7.8
CVE-2018-0197 MEDIUM
Cisco IOS - Unauthenticated Denial of Service via VTP Packet Sequence Timeout
CVSS 6.5
CVE-2018-5492 CRITICAL
NetApp E-Series SANtricity OS Controller Software - RCE
CVSS 9.8
CVE-2018-14826 CRITICAL
Entes EMG12 < 2.57 - Authentication Bypass via Crafted URL
CVSS 9.8
CVE-2018-9452 MEDIUM
Android - Denial of Service via Slow Width Calculation in Layout.java
CVSS 5.5
CVE-2018-11750 MEDIUM
Puppet cisco_ios_module < 0.4.0 - Unauthenticated SSH Host Key Validation Bypass
CVSS 6.5
Details
Vulnerabilities 12,597
Exploit Likelihood High