The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,597 vulnerabilities with CWE-20
CVE-2018-12176
HIGH
Intel NUC Kits - Info Disclosure, Privilege Escalation, DoS
CVSS 8.2
CVE-2018-7923
HIGH
Huawei ALP-L09 <8.0.0.150(C432) - Code Injection
CVSS 7.8
CVE-2018-7922
HIGH
Huawei ALP-L09 <8.0.0.150(C432) - Code Injection
CVSS 7.8
CVE-2018-7906
MEDIUM
Huawei Leland-AL00/Leland-AL00A 8.0.0.* - DoS
CVSS 5.5
CVE-2018-6924
HIGH
FreeBSD Kernel Memory Disclosure and DoS via ELF Header Parsing
CVSS 7.1
CVE-2018-13807
HIGH
SCALANCE X300, X408 < 4.0.0, X414 - Unauthenticated Denial of Service via Crafted Packets to Web Interface
CVSS 8.6
CVE-2018-2465
HIGH
SAP HANA 1.0 and 2.0 - Denial of Service via OData Parser XML Validation Bypass
CVSS 7.5
CVE-2018-2462
HIGH
SAP NetWeaver BI 7.30-7.50 - XML External Entity Injection in BEx Web Java Runtime Export Web Service
CVSS 8.8
CVE-2018-10935
MEDIUM
389 Directory Server 1.3.0.0-1.3.8.7 - Denial of Service via LDAP Server-Side Sort
CVSS 6.5
CVE-2018-14635
MEDIUM
OpenStack Neutron <13.0.0.0b2, <12.0.3, <11.0.5 - DoS
CVSS 6.5
CVE-2018-14620
MEDIUM
OpenStack RabbitMQ Container - SSRF
CVSS 4.7
CVE-2018-16733
HIGH
Go Ethereum <1.8.14 - Info Disclosure
CVSS 7.5
CVE-2018-16454
HIGH
PHP Scripts Mall Currency Converter Script 2.0.5 - Denial of Service via Inverted Comma Input
CVSS 7.5
CVE-2018-15483
HIGH
KONE Group Controller Firmware < 4.6.5 - Denial of Service via HTTP Interface
CVSS 7.5
CVE-2018-0658
HIGH
EC-CUBE Payment Module < 2.3.17 - Authenticated Arbitrary PHP Code Execution
CVSS 7.2
CVE-2018-6320
CRITICAL
Pulse Secure Pulse Connect Secure and Pulse Policy Secure - Server-Side Request Forgery via Host Header
CVSS 9.8
CVE-2018-5391
HIGH
Linux Kernel >=3.9 <4.18 - Denial of Service via IP Fragment Reassembly
CVSS 7.5
CVE-2018-1000773
HIGH
WordPress < 4.9.8 - Authenticated Remote Code Execution via Thumbnail Processing
CVSS 8.8
CVE-2018-14624
HIGH
389-ds-base <1.3.7.10-1.4.0.16 - DoS
CVSS 7.5
CVE-2018-13259
CRITICAL
Canonical Ubuntu Linux < 5.6 - Improper Input Validation
CVSS 9.8
CVE-2018-0502
CRITICAL
Canonical Ubuntu Linux < 5.6 - Improper Input Validation
CVSS 9.8
CVE-2018-10930
MEDIUM
glusterfs >=3.12 <3.12.14 - Authenticated Arbitrary File Write via gfs3_rename_req RPC
CVSS 6.5
CVE-2018-10929
HIGH
Debian Linux < 3.12.14 - Improper Input Validation
CVSS 8.8
CVE-2018-10927
HIGH
Debian Linux < 3.12.14 - Information Disclosure
CVSS 8.1
CVE-2018-10926
HIGH
Redhat Virtualization Host < 3.12.14 - Path Traversal
CVSS 8.8
Details
Vulnerabilities
12,597
Exploit Likelihood
High