CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,597 vulnerabilities with CWE-20
CVE-2018-12694 HIGH
TP-Link TL-WA850RE Hardware Version 5 - Denial of Service via data/reboot.json
CVSS 7.5
CVE-2018-12688 CRITICAL
tinyexr 0.9.5 - Denial of Service via wav2Decode Function
CVSS 9.8
CVE-2018-12635 HIGH
CirCarLife Scada <4.2.4 - Info Disclosure
CVSS 7.5
CVE-2018-7679 CRITICAL
Micro Focus Solutions Business Manager < 11.4 - Remote Code Execution via Unvalidated Avatar Image Upload
CVSS 9.8
CVE-2018-0373 MEDIUM
Cisco AnyConnect Secure Mobility Client - Denial of Service via Malicious Request
CVSS 5.5
CVE-2018-0371 MEDIUM
Cisco Meeting Server - Authenticated Denial of Service via Web Admin Interface
CVSS 6.5
CVE-2018-0337 HIGH
Cisco NX-OS - Authenticated Command Injection via File System Input Validation Bypass
CVSS 7.8
CVE-2018-0331 MEDIUM
Cisco NX-OS 7.1-7.1(5)n1(1) - Unauthenticated Denial of Service via Cisco Discovery Protocol Message
CVSS 6.5
CVE-2018-0313 HIGH
Cisco NX-OS - Authenticated Remote Code Execution via NX-API HTTP/HTTPS Packet
CVSS 8.8
CVE-2018-0306 HIGH
Cisco NX-OS < 7.3(3)n1(1) - Authenticated OS Command Injection via CLI Parser
CVSS 7.8
CVE-2018-0303 HIGH
Cisco NX-OS and FXOS - Unauthenticated Remote Code Execution or Denial of Service via Cisco Discovery Protocol Packet
CVSS 8.8
CVE-2018-0302 HIGH
Cisco FXOS and UCS Fabric Interconnect - Authenticated Buffer Overflow via CLI Parser
CVSS 7.8
CVE-2018-0299 MEDIUM
Cisco NX-OS - Authenticated Denial of Service via SNMP Poll Request
CVSS 6.5
CVE-2018-0298 HIGH
Cisco FXOS and UCS Fabric Interconnect Software - Unauthenticated Denial of Service via Web UI Buffer Overflow
CVSS 7.5
CVE-2018-0314 CRITICAL
Cisco FXOS and NX-OS - Unauthenticated Remote Code Execution via Malformed Cisco Fabric Services Packet
CVSS 9.8
CVE-2018-0312 CRITICAL
Cisco FXOS and NX-OS - Unauthenticated Remote Code Execution or Denial of Service via Malformed Fabric Services Packet
CVSS 9.8
CVE-2018-0308 CRITICAL
Cisco FXOS and NX-OS - Remote Code Execution or Denial of Service via Cisco Fabric Services Packet Header
CVSS 9.8
CVE-2018-0307 HIGH
Cisco NX-OS 6.0-7.3(3)n1(1) - Authenticated OS Command Injection via CLI Command Arguments
CVSS 7.8
CVE-2018-0304 CRITICAL
Cisco FXOS and NX-OS - Out-of-bounds Read via Cisco Fabric Services Packet Headers
CVSS 9.8
CVE-2018-0301 CRITICAL
Cisco NX-OS 6.0-7.3(3)n1(1) - Unauthenticated Remote Code Execution via NX-API Packet Buffer Overflow
CVSS 9.8
CVE-2018-0295 HIGH
Cisco NX-OS 6.0-7.3(3)n1(1) - Unauthenticated Denial of Service via Malformed BGP Update Message
CVSS 7.5
CVE-2018-0291 MEDIUM
Cisco NX-OS 6.0-7.3(3)n1(1) - Authenticated Denial of Service via SNMP PDU Input Validation
CVSS 6.5
CVE-2018-8030 HIGH
Apache Qpid Broker-J 7.0.0-7.0.4 - Denial of Service via Oversized AMQP Message
CVSS 7.5
CVE-2018-11537 MEDIUM
Auth0 angular-jwt < 0.1.10 - Domain Whitelist Bypass via Regex Interpretation
CVSS 6.5
CVE-2018-1061 MEDIUM
Python < 2.7.15 - Denial of Service via Catastrophic Backtracking in difflib.IS_LINE_JUNK
CVSS 6.5