CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,598 vulnerabilities with CWE-20
CVE-2018-3612 HIGH
Intel BIOS - Privilege Escalation to System Management Mode via Insufficient Input Validation
CVSS 7.8
CVE-2018-10977 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x002220E4
CVSS 7.8
CVE-2018-10976 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222050
CVSS 7.8
CVE-2018-10975 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222104
CVSS 7.8
CVE-2018-10974 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222100
CVSS 7.8
CVE-2018-10955 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222548
CVSS 7.8
CVE-2018-10954 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222550 Input Validation
CVSS 7.8
CVE-2018-10953 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x0022204C
CVSS 7.8
CVE-2018-10952 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x00222088
CVSS 7.8
CVE-2018-2416 MEDIUM
SAP Identity Management 7.2 and 8.0 - XML External Entity Injection
CVSS 5.4
CVE-2018-0961 HIGH
Windows 10 and Windows Server 2016 - Remote Code Execution via vSMB Packet Validation
CVSS 7.6
CVE-2018-0959 HIGH
Windows Hyper-V - Authenticated Remote Code Execution via Guest OS Input
CVSS 7.6
CVE-2018-10828 MEDIUM
Alps Pointing-device Driver 10.1.101.207 - Denial of Service via ApMsgFwd File Mapping Object
CVSS 5.5
CVE-2018-10830 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCtl 0x002220e0
CVSS 7.8
CVE-2018-1000168 HIGH
nghttp2 1.10.0-1.31.0 - Denial of Service via ALTSVC Frame Handling
CVSS 7.5
CVE-2018-10809 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCtl 0x00222040
CVSS 7.8
CVE-2018-10799 MEDIUM
Brave < 0.14.0 - Denial of Service via Long URL Handling in SCRIPT Element
CVSS 6.5
CVE-2018-10798 MEDIUM
Brave < 0.14.0 - Denial of Service via JavaScript Page Reload
CVSS 6.5
CVE-2018-10796 HIGH
2345 Security Guard 3.7 - Denial of Service via IOCtl 0x00222014
CVSS 7.8
CVE-2018-10776 HIGH
mp3gain < 1.5.2 - Denial of Service via getbits Function
CVSS 7.8
CVE-2018-0494 MEDIUM
GNU Wget < 1.19.5 - Cookie Injection via HTTP Response Continuation Line
CVSS 6.5
CVE-2018-9154 HIGH
JasPer 2.0.14 - Denial of Service via Unexpected jas_alloc2 Return Value
CVSS 7.5
CVE-2018-8869 CRITICAL
Lantech IDS 2102 <2.0 - Info Disclosure
CVSS 9.8
CVE-2018-0287 HIGH
Cisco WebEx Network Recording Player - Remote Code Execution via Malicious ARF File
CVSS 8.8
CVE-2018-0264 CRITICAL
Cisco WebEx Business Suite and Meetings - Remote Code Execution via Malicious ARF File
CVSS 9.6
Details
Vulnerabilities 12,598
Exploit Likelihood High