The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,598 vulnerabilities with CWE-20
CVE-2018-5341
CRITICAL
Zoho ManageEngine Desktop Central <10.0.184 - Info Disclosure
CVSS 9.8
CVE-2018-0560
MEDIUM
Hatena Bookmark App for iOS 3.0-3.70 - Address Bar Spoofing via URL Display
CVSS 6.5
CVE-2018-5510
HIGH
F5 BIG-IP 11.5.4 HF4-11.5.5 - Denial of Service via IPv6 Packet Processing
CVSS 7.5
CVE-2018-10087
MEDIUM
Linux Kernel < 4.13 - Denial of Service via -INT_MIN Value in kernel_wait4
CVSS 5.5
CVE-2018-6903
HIGH
Hot Scripts Clone Script Classified 3.1 - Improper Input Validation of Email Address
CVSS 8.8
CVE-2018-6879
HIGH
Website Seller Script 2.0.3 - Improper Input Validation of Email Address
CVSS 8.8
CVE-2018-10072
MEDIUM
Jungo DriverWizard WinDriver 12.6.0 - DoS
CVSS 5.5
CVE-2018-10071
MEDIUM
Jungo DriverWizard WinDriver <12.6.0 - DoS
CVSS 5.5
CVE-2018-1086
MEDIUM
Pacemaker Command Line Interface - Privilege Escalation via Debug Parameter Bypass
CVSS 4.3
CVE-2018-1016
HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1015
HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1013
HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1012
HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-1010
HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2018-0957
MEDIUM
Windows Hyper-V - Information Disclosure via Improper Input Validation
CVSS 5.3
CVE-2018-10054
HIGH
Datomic < 0.9.5697 - Remote Code Execution via H2 CREATE ALIAS
CVSS 8.8
CVE-2018-0020
HIGH
Junos OS - Denial of Service via Malformed BGP UPDATE
CVSS 7.5
CVE-2018-0019
MEDIUM
Junos OS - Denial of Service via SNMP MIB-II Subagent Daemon Crash
CVSS 5.3
CVE-2018-0017
HIGH
Junos OS 12.1X46 < D72, 12.3X48 < D55, 15.1X49 < D90 - Denial of Service via NAT-PT IPv6 Packet Handling
CVSS 7.5
CVE-2018-8954
CRITICAL
CA Workload Control Center < r11.4 SP6 - Remote Code Execution via Crafted HTTP Request
CVSS 9.8
CVE-2018-9846
HIGH
Roundcube Webmail 1.2.0-1.3.5 - IMAP Injection via Archive Plugin _uid Parameter
CVSS 8.8
CVE-2018-9327
HIGH
Etherpad 1.5.0-1.5.6 - Remote Code Execution via Document Database Configuration
CVSS 8.1
CVE-2018-1000156
HIGH
GNU Patch 2.7.6 - Remote Code Execution via EDITOR_PROGRAM Invocation
CVSS 7.8
CVE-2018-9115
MEDIUM
Systematic SitaWare 6.4 SP2 - Denial of Service via NVG Interface Input
CVSS 5.3
CVE-2018-9262
HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in VLAN Dissector
CVSS 7.5
Details
Vulnerabilities
12,598
Exploit Likelihood
High