CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,599 vulnerabilities with CWE-20
CVE-2018-7502 HIGH
Beckhoff TwinCAT - Privilege Escalation
CVSS 7.8
CVE-2018-8945 MEDIUM
GNU Binutils - Denial of Service via Large Attribute Section in BFD Library
CVSS 5.5
CVE-2018-5509 HIGH
F5 BIG-IP 12.1.0-12.1.3.1 - Denial of Service via Non-TCP Traffic to Misconfigured Virtual Server
CVSS 7.5
CVE-2018-5503 HIGH
F5 BIG-IP <13.1.0.3, <12.1.3.1 - DoS
CVSS 7.5
CVE-2018-5731 HIGH
Heimdal PRO 2.2.190 - Code Injection
CVSS 7.0
CVE-2018-8904 HIGH
Windows Optimization Master 7.99.13.604 - Denial of Service via IOCtl 0xf1002000
CVSS 7.8
CVE-2018-8896 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222044
CVSS 7.8
CVE-2018-8895 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222040
CVSS 7.8
CVE-2018-8894 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222108
CVSS 7.8
CVE-2018-8876 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222098
CVSS 7.8
CVE-2018-8875 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x0022209c
CVSS 7.8
CVE-2018-8874 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222054
CVSS 7.8
CVE-2018-8873 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222040
CVSS 7.8
CVE-2018-1321 HIGH
Apache Syncope 1.2.0-1.2.10 - Authenticated Remote Code Execution via XSLT
CVSS 7.2
CVE-2018-1294 HIGH
Apache Commons Email < 1.5 - Email Header Injection via Bounce Address
CVSS 7.5
CVE-2018-7511 MEDIUM
Eaton ELCSoft < 2.04.02 - Remote Code Execution via Crafted File Buffer Overflow
CVSS 5.3
CVE-2018-4843 MEDIUM
SIMATIC S7-400 CPU 414-3 PN/DP V7 < V7.0.3 - Denial of Service via PROFINET DCP Packet
CVSS 6.5
CVE-2018-8821 MEDIUM
Jungo DriverWizard WinDriver 12.6.0 - DoS
CVSS 5.5
CVE-2018-1221 HIGH
Cloud Foundry cf-deployment < 1.14.0 & routing-release < 0.172.0 - DoS & Data Theft via WebSocket Mishandling
CVSS 8.1
CVE-2018-8765 HIGH
2345 Security Guard 3.6 - Denial of Service via IOCtl 0x00222018
CVSS 7.8
CVE-2018-1199 MEDIUM
Spring Security <4.1.5, 4.2.x <4.2.4, 5.0.x <5.0.1 - Auth Bypass
CVSS 5.3
CVE-2018-1078 CRITICAL
OpenDayLight Carbon SR3 and earlier - Improper Input Validation during Node Reconciliation
CVSS 9.8
CVE-2018-8711 CRITICAL
WooCommerce Products Filter <2.2.0 - Local File Inclusion
CVSS 9.8
CVE-2018-7531 MEDIUM
OSIsoft PI Data Archive < 2017 - Unauthenticated Denial of Service via Custom Request
CVSS 5.9
CVE-2018-0888 MEDIUM
Microsoft Hyper-V Network Switch - Information Disclosure via Guest OS Input Validation
CVSS 5.6