The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,599 vulnerabilities with CWE-20
CVE-2018-9262
HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in VLAN Dissector
CVSS 7.5
CVE-2018-9260
HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in IEEE 802.15.4 Dissector
CVSS 7.5
CVE-2018-9259
HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in MP4 Dissector
CVSS 7.5
CVE-2018-9258
HIGH
Wireshark 2.4.0-2.4.5 - Denial of Service in TCP Dissector
CVSS 7.5
CVE-2018-9256
HIGH
Wireshark 2.2.0-2.2.13 and 2.4.0-2.4.5 - Denial of Service in LWAPP Dissector
CVSS 7.5
CVE-2018-8779
HIGH
Ruby <2.2.10-2.6.0 - Code Injection
CVSS 7.5
CVE-2018-8049
HIGH
Unisys Stealth SVG <3.0.1999-3.3.016 - DoS
CVSS 7.5
CVE-2018-1099
MEDIUM
etcd < 3.3.1 - DNS Rebinding
CVSS 5.5
CVE-2018-4176
MEDIUM
macOS < 10.13.4 - Unauthenticated Arbitrary Application Launch via Crafted Disk Image
CVSS 5.5
CVE-2018-4175
HIGH
macOS < 10.13.4 - Code-Signing Bypass via LaunchServices
CVSS 7.8
CVE-2018-4149
HIGH
iPhone OS < 11.3 - User Interface Spoofing via SafariViewController
CVSS 8.8
CVE-2018-4142
HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Denial of Service in CoreText
CVSS 7.5
CVE-2018-4134
HIGH
iPhone OS < 11.3 - User Interface Spoofing via Safari
CVSS 8.8
CVE-2018-4116
MEDIUM
Safari < 11.1 - Address Bar Spoofing via Crafted Web Site
CVSS 6.5
CVE-2018-4108
CRITICAL
macOS < 10.13.4 - APFS Volume Password Truncation via Disk Management Injection
CVSS 9.8
CVE-2018-4107
MEDIUM
macOS < 10.13.4 - URL Restriction Bypass in PDFKit
CVSS 6.5
CVE-2018-4105
CRITICAL
Apple Mac OS X < 10.13.4 - Improper Input Validation
CVSS 9.8
CVE-2018-4102
MEDIUM
Safari < 11.1 - Address Bar Spoofing via Crafted Web Site
CVSS 6.5
CVE-2018-4097
HIGH
macOS < 10.13.3 - Kernel Privilege Escalation via Crafted App
CVSS 7.8
CVE-2018-9158
HIGH
AXIS M1033-W Firmware 5.40.5.1 - Denial of Service via IPv4 Flood Attack
CVSS 7.5
CVE-2018-3740
HIGH
Sanitize < 4.6.0 and 3.0.0-4.6.3 - Improper Input Validation
CVSS 7.5
CVE-2018-9145
MEDIUM
Exiv2 - Denial of Service via Large Buffer Size in DataBuf Constructor
CVSS 6.5
CVE-2018-9142
HIGH
Samsung Mobile N(7.x) - Arbitrary APK Installation via Secure Folder SD Card Validation Bypass
CVSS 7.0
CVE-2018-9141
HIGH
Samsung Mobile L(5.x) M(6.0) N(7.x) - Remote Code Execution via BMP File Resolution
CVSS 7.8
CVE-2018-9136
MEDIUM
Jungo WinDriver < 12.7.0 - Denial of Service via Crafted Executable File
CVSS 5.5
Details
Vulnerabilities
12,599
Exploit Likelihood
High