The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,597 vulnerabilities with CWE-20
CVE-2018-15122
HIGH
Progress Telerik <2018.1.323.2-2018.2.605.0 - Code Injection
CVSS 7.8
CVE-2018-10140
MEDIUM
Palo Alto Networks PAN-OS <8.1.2 - DoS
CVSS 4.3
CVE-2018-0419
HIGH
Cisco Email Security Appliance - Unauthenticated File Filtering Bypass via EXE Attachment Detection
CVSS 7.5
CVE-2018-0418
HIGH
Cisco IOS XR < 6.3.3_base - Unauthenticated Denial of Service via Malformed PTP Traffic
CVSS 8.6
CVE-2018-0409
HIGH
Cisco TelePresence VCS & UC Manager IM&P DoS via Malicious IPv4/IPv6 Packet
CVSS 7.5
CVE-2018-8414
HIGH
KEV
Windows 10 1703, 1709, 1803 and Windows Server 1709, 1803 - Remote Code Execution via Improper File Path Validation
CVSS 8.8
CVE-2018-8412
HIGH
Microsoft Office - Privilege Escalation
CVSS 7.8
CVE-2018-8339
HIGH
Windows Installer - Privilege Escalation
CVSS 7.0
CVE-2018-8316
HIGH
Internet Explorer 10 and 11 - Remote Code Execution via Hyperlink Validation Bypass
CVSS 7.5
CVE-2018-12537
MEDIUM
Eclipse Vert.x <3.5.1 - Code Injection
CVSS 5.3
CVE-2018-3776
MEDIUM
Nextcloud Server 11.0.0-11.0.5 - Audit Log Bypass via Input Validation Issue
CVSS 5.3
CVE-2018-15185
MEDIUM
PHP Scripts Mall Naukri/Jobsite Clone Script 3.0.4 - DoS
CVSS 6.5
CVE-2018-10908
MEDIUM
ovirt vdsm < 4.20.37 - Denial of Service via Unbounded Resource Consumption in qemu-img
CVSS 6.5
CVE-2018-7059
HIGH
Aruba ClearPass < 6.6.9 - Authenticated Privilege Escalation via Cluster API
CVSS 8.8
CVE-2018-13877
HIGH
MegaCryptoPolis - Denial of Service via doPayouts Function
CVSS 7.5
CVE-2018-9866
CRITICAL
SonicWall Global Management System < 8.1 - Remote Code Execution via XML-RPC Parameter Injection
CVSS 9.8
CVE-2018-3777
CRITICAL
restforce < 3.0.0 - Parameter Injection via Insufficient URI Encoding
CVSS 9.8
CVE-2018-14923
HIGH
Uniview EZPlayer 1.0.6 - Remote Code Execution via Video Playback
CVSS 7.8
CVE-2018-14774
HIGH
Symfony <4.1.3 - Host Header Injection
CVSS 7.2
CVE-2018-14872
HIGH
Rincewind 0.1 - Unauthenticated Reinstallation via Index.php Parameter
CVSS 7.5
CVE-2018-10922
HIGH
ttembed - Denial of Service via Crafted Input File
CVSS 7.5
CVE-2018-10921
MEDIUM
ttembed - Integer Overflow in Input File Processing
CVSS 4.3
CVE-2018-12448
MEDIUM
Whale Browser <1.3.48.4 - Info Disclosure
CVSS 5.3
CVE-2018-10920
MEDIUM
Knot Resolver < 2.4.1 - Cache Poisoning via Improper Input Validation
CVSS 6.8
CVE-2018-3650
HIGH
Intel Distribution for Python < 2018 Update 2 - URI Sanitization Bypass via Bleach Module
CVSS 7.8
Details
Vulnerabilities
12,597
Exploit Likelihood
High