CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,597 vulnerabilities with CWE-20
CVE-2018-13111 MEDIUM
Wanscam HW0021 Firmware - Partial Denial of Service via Malicious ONVIF POST Request
CVSS 5.9
CVE-2018-15832 HIGH
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution via URI Handler
CVSS 8.8
CVE-2018-11287 CRITICAL
Qualcomm Snapdragon Firmware - Improper Input Validation in Video Buffer Sufficiency Check
CVSS 9.8
CVE-2018-3574 MEDIUM
Android - Improper Input Validation in ION Cache Maintenance
CVSS 5.5
CVE-2018-11071 HIGH
Dell EMC Isilon OneFS 7.1.1.0-7.1.1.10 and 7.2.1.x-8.1.1.x - Unauthenticated Denial of Service via Crafted Input Data
CVSS 7.5
CVE-2018-11302 HIGH
Android - Buffer Overflow in WLAN via Unchecked Userspace Input
CVSS 7.8
CVE-2018-11294 HIGH
Android - Improper Input Validation in WLAN Handler Indication
CVSS 8.0
CVE-2018-11280 MEDIUM
Android - Denial of Service via NAT Entry Input Size Exhaustion
CVSS 5.5
CVE-2018-14641 MEDIUM
Linux Kernel 4.19-rc1-4.19-rc3 - Denial of Service via ip_frag_reasm Function
CVSS 6.5
CVE-2018-16956 MEDIUM
Oracle WebCenter Interaction Portal 10.3.3 - DoS
CVSS 6.5
CVE-2018-14631 HIGH
Moodle <3.5.2-3.4.5-3.3.8 - Reflected XSS
CVSS 8.8
CVE-2018-14630 HIGH
moodle <3.0.10, 3.5.0-3.5.2 - Remote Code Execution via XML Import of ddwtos Quiz Questions
CVSS 8.8
CVE-2018-1791 MEDIUM
IBM Connections 5.0, 5.5, and 6.0 - External Service Interaction via Request Property
CVSS 4.9
CVE-2018-17019 HIGH
Bro < 2.5.5 - Denial of Service in IRC Protocol Names Command Parsing
CVSS 7.5
CVE-2018-1330 HIGH
Apache Mesos 1.4.0-1.5.0 - Denial of Service via Malformed JSON Payload
CVSS 7.5
CVE-2018-5549 HIGH
BIG-IP APM <13.1.0.3 - Memory Corruption
CVSS 7.5
CVE-2018-5545 HIGH
F5 WebSafe Alert Server <4.2.6 - Authenticated RCE
CVSS 8.8
CVE-2018-8474 HIGH
Lync for Mac 2011 - Security Feature Bypass via Crafted Message
CVSS 7.5
CVE-2018-8439 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Improper Input Validation
CVSS 8.4
CVE-2018-8438 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.8
CVE-2018-8437 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.2
CVE-2018-8436 MEDIUM
Microsoft Hyper-V Network Switch - DoS
CVSS 6.2
CVE-2018-8434 MEDIUM
Windows Hyper-V - Information Disclosure via Improper Input Validation
CVSS 5.4
CVE-2018-8421 CRITICAL
Microsoft .NET Framework - Remote Code Execution via Untrusted Input
CVSS 9.8
CVE-2018-0965 HIGH
Windows 10 and Windows Server 2016 - Remote Code Execution via Hyper-V Input Validation
CVSS 8.4
Details
Vulnerabilities 12,597
Exploit Likelihood High