CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,598 vulnerabilities with CWE-20
CVE-2018-5341 CRITICAL
Zoho ManageEngine Desktop Central <10.0.184 - Info Disclosure
CVSS 9.8
CVE-2018-0560 MEDIUM
Hatena Bookmark App for iOS 3.0-3.70 - Address Bar Spoofing via URL Display
CVSS 6.5
CVE-2018-5510 HIGH
F5 BIG-IP 11.5.4 HF4-11.5.5 - Denial of Service via IPv6 Packet Processing
CVSS 7.5
CVE-2018-10087 MEDIUM
Linux Kernel < 4.13 - Denial of Service via -INT_MIN Value in kernel_wait4
CVSS 5.5
CVE-2018-6903 HIGH
Hot Scripts Clone Script Classified 3.1 - Improper Input Validation of Email Address
CVSS 8.8
CVE-2018-6879 HIGH
Website Seller Script 2.0.3 - Improper Input Validation of Email Address
CVSS 8.8
CVE-2018-10072 MEDIUM
Jungo DriverWizard WinDriver 12.6.0 - DoS
CVSS 5.5
CVE-2018-10071 MEDIUM
Jungo DriverWizard WinDriver <12.6.0 - DoS
CVSS 5.5
CVE-2018-1086 MEDIUM
Pacemaker Command Line Interface - Privilege Escalation via Debug Parameter Bypass
CVSS 4.3
CVE-2018-1016 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1015 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1013 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1012 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1010 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-0957 MEDIUM
Windows Hyper-V - Information Disclosure via Improper Input Validation
CVSS 5.3
CVE-2018-10054 HIGH
Datomic < 0.9.5697 - Remote Code Execution via H2 CREATE ALIAS
CVSS 8.8
CVE-2018-0020 HIGH
Junos OS - Denial of Service via Malformed BGP UPDATE
CVSS 7.5
CVE-2018-0019 MEDIUM
Junos OS - Denial of Service via SNMP MIB-II Subagent Daemon Crash
CVSS 5.3
CVE-2018-0017 HIGH
Junos OS 12.1X46 < D72, 12.3X48 < D55, 15.1X49 < D90 - Denial of Service via NAT-PT IPv6 Packet Handling
CVSS 7.5
CVE-2018-8954 CRITICAL
CA Workload Control Center < r11.4 SP6 - Remote Code Execution via Crafted HTTP Request
CVSS 9.8
CVE-2018-9846 HIGH
Roundcube Webmail 1.2.0-1.3.5 - IMAP Injection via Archive Plugin _uid Parameter
CVSS 8.8
CVE-2018-9327 HIGH
Etherpad 1.5.0-1.5.6 - Remote Code Execution via Document Database Configuration
CVSS 8.1
CVE-2018-1000156 HIGH
GNU Patch 2.7.6 - Remote Code Execution via EDITOR_PROGRAM Invocation
CVSS 7.8
CVE-2018-9115 MEDIUM
Systematic SitaWare 6.4 SP2 - Denial of Service via NVG Interface Input
CVSS 5.3
CVE-2018-9262 HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in VLAN Dissector
CVSS 7.5
Details
Vulnerabilities 12,598
Exploit Likelihood High