The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,598 vulnerabilities with CWE-20
CVE-2018-5487
CRITICAL
NetApp OnCommand Unified Manager <7.4 - RCE
CVSS 9.8
CVE-2018-1000040
MEDIUM
Artifex MuPDF < 1.12.0 - Denial of Service via PDF Parser Uninitialized Value Bugs
CVSS 5.5
CVE-2018-1000037
MEDIUM
Artifex MuPDF < 1.12.0 - Denial of Service via PDF Parser Assertion Failure
CVSS 5.5
CVE-2018-11411
HIGH
DimonCoin - Unauthenticated Arbitrary Balance Transfer via transferFrom Function
CVSS 7.5
CVE-2018-8176
HIGH
Microsoft Office for Mac - Remote Code Execution via XML Content Validation Bypass
CVSS 8.8
CVE-2018-11357
HIGH
Wireshark 2.2.0-2.2.14 and 2.4.0-2.4.6 - Denial of Service via Negative Length Handling
CVSS 7.5
CVE-2018-11354
HIGH
Wireshark 2.6.0 - Denial of Service in IEEE 1905.1a Dissector
CVSS 7.5
CVE-2018-11321
MEDIUM
Joomla! < 3.8.8 - Authenticated Remote Code Execution via Custom Field Filter Manipulation
CVSS 6.5
CVE-2018-11367
HIGH
CppCMS < 1.2.1 - Denial of Service in JSON Parser
CVSS 7.5
CVE-2018-11315
MEDIUM
Radiothermostat Ct50 Firmware < 1.04.84 - Improper Input Validation
CVSS 6.5
CVE-2018-4992
HIGH
Adobe Creative Cloud < 4.4.1.298 - Local Privilege Escalation
CVSS 7.8
CVE-2018-4943
HIGH
Adobe PhoneGap Push Plugin < 1.8.0 - Same-Origin Method Execution
CVSS 8.8
CVE-2018-8867
HIGH
GE PACSystems RX3i/RSTi-EP CPE Denial of Service via Crafted Packets
CVSS 7.5
CVE-2018-11232
MEDIUM
Linux Kernel < 4.10.2 - Denial of Service via etm_setup_aux Parameter Misuse
CVSS 5.5
CVE-2018-9970
HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button execEvent Method
CVSS 8.8
CVE-2018-9935
HIGH
Foxit PhantomPDF 8.0-8.3.2.25013 and Foxit Reader <9.0.1.1049 - Remote Code Execution via addField Method
CVSS 8.8
CVE-2018-7159
MEDIUM
Node.js 4.0.0-4.1.1 and 4.2.0-4.8.9 - HTTP Request Smuggling via Content-Length Header Parsing
CVSS 5.3
CVE-2018-0325
HIGH
Cisco IP Phone 7800 and 8800 Series Firmware - Denial of Service via Malformed SIP SDP Parameters
CVSS 7.5
CVE-2018-0280
HIGH
Cisco Meeting Server 2.0-2.3 - Unauthenticated Denial of Service via RTP Bitstream Processing
CVSS 7.5
CVE-2018-0279
HIGH
Cisco Enterprise NFV Infrastructure Software < 3.6.3 - Authenticated OS Command Injection via SCP Server
CVSS 8.8
CVE-2018-4850
HIGH
SIMATIC S7-400 and S7-400H Firmware < 4.0, 5.0 < 5.2, < 4.5 - Denial of Service via S7 Communication Packet
CVSS 7.5
CVE-2018-3634
MEDIUM
Intel Online Connect Access < 1.9.22.0 - Denial of Service via NDIS Filter Driver Parameter Corruption
CVSS 5.5
CVE-2018-3611
MEDIUM
Intel Graphics Driver < 15.40.37.4835 - Denial of Service via User Mode Driver Bounds Check
CVSS 6.5
CVE-2018-11035
HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x80002019
CVSS 7.8
CVE-2018-11034
HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x8000200D
CVSS 7.8
Details
Vulnerabilities: 12,598
Exploit Likelihood: High