CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,599 vulnerabilities with CWE-20
CVE-2018-7549 HIGH
zsh < 5.4.2 - Denial of Service via Empty Hash Table Copy
CVSS 7.5
CVE-2018-0139 HIGH
Cisco Unified Customer Voice Portal 11.5(1) - Unauthenticated Denial of Service via IVR Connection Request
CVSS 8.6
CVE-2018-1166 HIGH
Joyent SmartOS release-20170803-20170803T064301Z - Privilege Escalation via SMBIOC_TREE_RELE ioctl
CVSS 7.8
CVE-2018-5763 MEDIUM
OXID eShop Enterprise Edition < 5.3.7 and 6.x < 6.0.1 - Denial of Service via Crafted URLs
CVSS 5.9
CVE-2018-7208 HIGH
GNU Binutils - Denial of Service via Crafted COFF Object in coff_pointerize_aux
CVSS 7.8
CVE-2018-5767 CRITICAL
Tenda AC15 <V15.03.1.16_multi - RCE
CVSS 9.8
CVE-2018-1000049 HIGH
Nanopool Claymore Dual Miner <7.3 - RCE
CVSS 7.5
CVE-2018-1000026 HIGH
Linux Kernel 2.6.12-4.4.181 - Denial of Service via bnx2x Network Card Driver
CVSS 7.7
CVE-2018-1000023 MEDIUM
Bitpay/insight-api <5.0.0 - Info Disclosure
CVSS 5.3
CVE-2018-1000021 MEDIUM
git < 2.15.1 - Remote Code Execution via ANSI Escape Sequence Handling
CVSS 5.0
CVE-2018-1298 MEDIUM
Apache Qpid Broker-J 7.0.0 - Unauthenticated Denial of Service via PLAIN or XOAUTH2 SASL Mechanism
CVSS 5.9
CVE-2018-1161 CRITICAL
Quest NetVault Backup 11.2.0.13 - RCE
CVSS 9.8
CVE-2018-6835 CRITICAL
Etherpad Lite < 1.6.3 - Unauthenticated Access Restriction Bypass via JSONP Mishandling
CVSS 9.8
CVE-2018-0135 MEDIUM
Cisco Unified Communications Manager - Authenticated Information Disclosure via Improper Input Validation
CVSS 4.3
CVE-2018-0125 CRITICAL KEV
Cisco RV132W and RV134W Firmware - Unauthenticated Remote Code Execution and Denial of Service via HTTP Request
CVSS 9.8
CVE-2018-0122 MEDIUM
Cisco StarOS - Authenticated Arbitrary File Write via CLI Command Injection
CVSS 4.4
CVE-2018-0117 HIGH
Cisco ASR 5000 and 5500 Firmware N4.0-N5.5 - Unauthenticated Denial of Service via Malicious Ingress Traffic
CVSS 8.6
CVE-2018-0113 HIGH
Cisco UCS Central Software < 2.0(1c) - Authenticated Remote Code Execution via Crafted UI Request
CVSS 8.8
CVE-2018-6788 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KVFG.sys IOCtl 0x2208C0
CVSS 7.8
CVE-2018-6787 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KVFG.sys IOCtl 0x221808
CVSS 7.8
CVE-2018-6786 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KVFG.sys IOCtl 0x220840
CVSS 7.8
CVE-2018-6785 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KSysCall.sys IOCtl 0x9A008254
CVSS 7.8
CVE-2018-6784 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KSysCall.sys IOCtl 0x9A00824C
CVSS 7.8
CVE-2018-6783 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KSysCall.sys IOCtl 0x9A00825C
CVSS 7.8
CVE-2018-6782 HIGH
Jiangmin Antivirus 16.0.0.100 - Denial of Service via KSysCall.sys IOCtl 0x9A0081DC
CVSS 7.8
Details
Vulnerabilities 12,599
Exploit Likelihood High