The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,597 vulnerabilities with CWE-20
CVE-2018-12694
HIGH
TP-Link TL-WA850RE Hardware Version 5 - Denial of Service via data/reboot.json
CVSS 7.5
CVE-2018-12688
CRITICAL
tinyexr 0.9.5 - Denial of Service via wav2Decode Function
CVSS 9.8
CVE-2018-12635
HIGH
CirCarLife Scada <4.2.4 - Info Disclosure
CVSS 7.5
CVE-2018-7679
CRITICAL
Micro Focus Solutions Business Manager < 11.4 - Remote Code Execution via Unvalidated Avatar Image Upload
CVSS 9.8
CVE-2018-0373
MEDIUM
Cisco AnyConnect Secure Mobility Client - Denial of Service via Malicious Request
CVSS 5.5
CVE-2018-0371
MEDIUM
Cisco Meeting Server - Authenticated Denial of Service via Web Admin Interface
CVSS 6.5
CVE-2018-0337
HIGH
Cisco NX-OS - Authenticated Command Injection via File System Input Validation Bypass
CVSS 7.8
CVE-2018-0331
MEDIUM
Cisco NX-OS 7.1-7.1(5)n1(1) - Unauthenticated Denial of Service via Cisco Discovery Protocol Message
CVSS 6.5
CVE-2018-0313
HIGH
Cisco NX-OS - Authenticated Remote Code Execution via NX-API HTTP/HTTPS Packet
CVSS 8.8
CVE-2018-0306
HIGH
Cisco NX-OS < 7.3(3)n1(1) - Authenticated OS Command Injection via CLI Parser
CVSS 7.8
CVE-2018-0303
HIGH
Cisco NX-OS and FXOS - Unauthenticated Remote Code Execution or Denial of Service via Cisco Discovery Protocol Packet
CVSS 8.8
CVE-2018-0302
HIGH
Cisco FXOS and UCS Fabric Interconnect - Authenticated Buffer Overflow via CLI Parser
CVSS 7.8
CVE-2018-0299
MEDIUM
Cisco NX-OS - Authenticated Denial of Service via SNMP Poll Request
CVSS 6.5
CVE-2018-0298
HIGH
Cisco FXOS and UCS Fabric Interconnect Software - Unauthenticated Denial of Service via Web UI Buffer Overflow
CVSS 7.5
CVE-2018-0314
CRITICAL
Cisco FXOS and NX-OS - Unauthenticated Remote Code Execution via Malformed Cisco Fabric Services Packet
CVSS 9.8
CVE-2018-0312
CRITICAL
Cisco FXOS and NX-OS - Unauthenticated Remote Code Execution or Denial of Service via Malformed Fabric Services Packet
CVSS 9.8
CVE-2018-0308
CRITICAL
Cisco FXOS and NX-OS - Remote Code Execution or Denial of Service via Cisco Fabric Services Packet Header
CVSS 9.8
CVE-2018-0307
HIGH
Cisco NX-OS 6.0-7.3(3)n1(1) - Authenticated OS Command Injection via CLI Command Arguments
CVSS 7.8
CVE-2018-0304
CRITICAL
Cisco FXOS and NX-OS - Out-of-bounds Read via Cisco Fabric Services Packet Headers
CVSS 9.8
CVE-2018-0301
CRITICAL
Cisco NX-OS 6.0-7.3(3)n1(1) - Unauthenticated Remote Code Execution via NX-API Packet Buffer Overflow
CVSS 9.8
CVE-2018-0295
HIGH
Cisco NX-OS 6.0-7.3(3)n1(1) - Unauthenticated Denial of Service via Malformed BGP Update Message
CVSS 7.5
CVE-2018-0291
MEDIUM
Cisco NX-OS 6.0-7.3(3)n1(1) - Authenticated Denial of Service via SNMP PDU Input Validation
CVSS 6.5
CVE-2018-8030
HIGH
Apache Qpid Broker-J 7.0.0-7.0.4 - Denial of Service via Oversized AMQP Message
CVSS 7.5
CVE-2018-11537
MEDIUM
Auth0 angular-jwt < 0.1.10 - Domain Whitelist Bypass via Regex Interpretation
CVSS 6.5
CVE-2018-1061
MEDIUM
Python < 2.7.15 - Denial of Service via Catastrophic Backtracking in difflib.IS_LINE_JUNK
CVSS 6.5
Details
Vulnerabilities
12,597
Exploit Likelihood
High