The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,597 vulnerabilities with CWE-20
CVE-2018-13111
MEDIUM
Wanscam HW0021 Firmware - Partial Denial of Service via Malicious ONVIF POST Request
CVSS 5.9
CVE-2018-15832
HIGH
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution via URI Handler
CVSS 8.8
CVE-2018-11287
CRITICAL
Qualcomm Snapdragon Firmware - Improper Input Validation in Video Buffer Sufficiency Check
CVSS 9.8
CVE-2018-3574
MEDIUM
Android - Improper Input Validation in ION Cache Maintenance
CVSS 5.5
CVE-2018-11071
HIGH
Dell EMC Isilon OneFS 7.1.1.0-7.1.1.10 and 7.2.1.x-8.1.1.x - Unauthenticated Denial of Service via Crafted Input Data
CVSS 7.5
CVE-2018-11302
HIGH
Android - Buffer Overflow in WLAN via Unchecked Userspace Input
CVSS 7.8
CVE-2018-11294
HIGH
Android - Improper Input Validation in WLAN Handler Indication
CVSS 8.0
CVE-2018-11280
MEDIUM
Android - Denial of Service via NAT Entry Input Size Exhaustion
CVSS 5.5
CVE-2018-14641
MEDIUM
Linux Kernel 4.19-rc1-4.19-rc3 - Denial of Service via ip_frag_reasm Function
CVSS 6.5
CVE-2018-16956
MEDIUM
Oracle WebCenter Interaction Portal 10.3.3 - DoS
CVSS 6.5
CVE-2018-14631
HIGH
Moodle <3.5.2-3.4.5-3.3.8 - Reflected XSS
CVSS 8.8
CVE-2018-14630
HIGH
moodle <3.0.10, 3.5.0-3.5.2 - Remote Code Execution via XML Import of ddwtos Quiz Questions
CVSS 8.8
CVE-2018-1791
MEDIUM
IBM Connections 5.0, 5.5, and 6.0 - External Service Interaction via Request Property
CVSS 4.9
CVE-2018-17019
HIGH
Bro < 2.5.5 - Denial of Service in IRC Protocol Names Command Parsing
CVSS 7.5
CVE-2018-1330
HIGH
Apache Mesos 1.4.0-1.5.0 - Denial of Service via Malformed JSON Payload
CVSS 7.5
CVE-2018-5549
HIGH
BIG-IP APM <13.1.0.3 - Memory Corruption
CVSS 7.5
CVE-2018-5545
HIGH
F5 WebSafe Alert Server <4.2.6 - Authenticated RCE
CVSS 8.8
CVE-2018-8474
HIGH
Lync for Mac 2011 - Security Feature Bypass via Crafted Message
CVSS 7.5
CVE-2018-8439
HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2018-8438
MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2018-8437
MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.2
CVE-2018-8436
MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.2
CVE-2018-8434
MEDIUM
Windows Hyper-V - Information Disclosure via Improper Input Validation
CVSS 5.4
CVE-2018-8421
CRITICAL
Microsoft .NET Framework - Remote Code Execution via Untrusted Input
CVSS 9.8
CVE-2018-0965
HIGH
Windows 10 and Windows Server 2016 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
Details
Vulnerabilities
12,597
Exploit Likelihood
High