The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,597 vulnerabilities with CWE-20
CVE-2018-0032
HIGH
Junos OS 16.1X65 < D47, 17.2X75 < D91/D110, 17.3 < R1-S4/R2, 17.4 < R1-S3/R2 - Denial of Service via Crafted BGP UPDATE
CVSS 7.5
CVE-2018-0027
HIGH
Juniper Junos OS 16.1 - Denial of Service via Crafted RSVP PATH Message
CVSS 7.5
CVE-2018-8007
HIGH
Apache CouchDB - Privilege Escalation
CVSS 7.2
CVE-2018-8311
HIGH
Skype for Business and Microsoft Lync - Crafted Content Remote Code Execution
CVSS 8.8
CVE-2018-8300
HIGH
Microsoft SharePoint Enterprise Server - Remote Code Execution via Application Package Source Markup
CVSS 8.8
CVE-2018-8260
HIGH
.NET Framework 4.7.2 - Remote Code Execution via Improper Source Markup Validation
CVSS 8.8
CVE-2018-8232
HIGH
Microsoft Macro Assembler - Code Injection
CVSS 7.8
CVE-2018-2439
MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Malformed Data Packet
CVSS 5.9
CVE-2018-10891
HIGH
Moodle 3.1-3.1.12, 3.5.0 - Stored Cross-Site Scripting in Quiz Question Bank Import
CVSS 7.3
CVE-2018-10943
HIGH
Barco ClickShare CSE-200 and CS-100 Firmware < 1.6.0.3 - Denial of Service via TCP Port 7100
CVSS 7.5
CVE-2018-10888
MEDIUM
libgit2 < 0.27.3 - Out-of-bounds Read in Binary Delta File Handling
CVSS 6.5
CVE-2018-13389
MEDIUM
Atlassian Confluence < 6.6.1 - Web Content Spoofing via RDF+XML Attachment
CVSS 4.7
CVE-2018-13795
HIGH
Gravity < 0.5.1 - Denial of Service via Unbounded Recursion Depth
CVSS 7.5
CVE-2018-1000617
HIGH
Atlassian Floodlight Controller < 1.2 - DoS
CVSS 7.5
CVE-2018-3597
HIGH
Android - Arbitrary Kernel Write via ADSP RPC Driver
CVSS 7.8
CVE-2018-13348
HIGH
Mercurial < 4.6.1 - Denial of Service via mpatch_decode Function
CVSS 7.5
CVE-2018-13346
HIGH
Mercurial < 4.6.1 - Denial of Service via mpatch_apply Fragment Start Validation
CVSS 7.5
CVE-2018-8038
HIGH
Apache CXF Fediz < 1.4.4 - Info Disclosure
CVSS 7.5
CVE-2018-10885
MEDIUM
OpenShift < 3.10.9 - Denial of Service via Malicious Network-Policy Configuration
CVSS 6.5
CVE-2018-9242
MEDIUM
PAN-OS < 6.1.20 - Arbitrary File Deletion via Management Web Interface
CVSS 5.5
CVE-2018-3753
CRITICAL
merge-object < 1.0.0 - Prototype Pollution via Utilities Function
CVSS 9.8
CVE-2018-3752
CRITICAL
merge-options <= 1.0.0 - Prototype Pollution via Utilities Function
CVSS 9.8
CVE-2018-3751
CRITICAL
merge-recursive <= 0.3.0 - Prototype Pollution via Utilities Function
CVSS 9.8
CVE-2018-3750
CRITICAL
deep-extend < 0.5.0 - Prototype Pollution via Utilities Function
CVSS 9.8
CVE-2018-3749
CRITICAL
deap < 1.0.1 - Prototype Pollution via Utilities Function
CVSS 9.8
Details
Vulnerabilities: 12,597
Exploit Likelihood: High