CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,599 vulnerabilities with CWE-20
CVE-2017-18684 CRITICAL
Samsung Mobile <M - Privilege Escalation
CVSS 9.8
CVE-2017-18683 CRITICAL
Samsung Mobile <L5.0/M6.0 - Info Disclosure
CVSS 9.8
CVE-2017-18680 HIGH
Android L(5.0/5.1) and M(6.0) - Unprotected User Data Exposure via Lockscreen Add User Action
CVSS 7.1
CVE-2017-18679 HIGH
Samsung Android M(6.0) - Denial of Service via SLocation API Call
CVSS 7.5
CVE-2017-18676 HIGH
Samsung N(7.0) Qualcomm - Privilege Escalation
CVSS 7.5
CVE-2017-18674 HIGH
Samsung Android N(7.0) - Denial of Service via Time Service Kernel Panic
CVSS 7.5
CVE-2017-18673 LOW
Samsung Android N(7.x) - Unauthenticated Location Service Disabling on Locked Device
CVSS 2.4
CVE-2017-18667 MEDIUM
Samsung Android KK(4.4) L(5.0/5.1) M(6.0) N(7.x) - SMS Storage Exhaustion Denial of Service
CVSS 4.3
CVE-2017-18648 CRITICAL
Android KK(4.4.x)-N(7.x) - Arbitrary File Read and Write via MTP Command
CVSS 9.1
CVE-2017-12842 HIGH
Bitcoin Core < 0.14.0 - SPV Proof Spoofing via Merkle Tree Leaf Node Weakness
CVSS 7.5
CVE-2017-18589 HIGH
Cookie crate <0.7.6 - Info Disclosure
CVSS 7.5
CVE-2017-18580 CRITICAL
Shortcodes Ultimate < 5.0.1 - Remote Code Execution via Shortcode Filter
CVSS 9.8
CVE-2017-18574 MEDIUM
Ninja Forms < 3.0.31 - Stored Cross-Site Scripting in Form Builder
CVSS 6.1
CVE-2017-18545 HIGH
invite_anyone < 1.3.16 - Cross-Site Scripting via Untrusted Input
CVSS 7.5
CVE-2017-18509 HIGH
Linux Kernel < 3.16.72 - General Protection Fault via IPv6 Socket Option
CVSS 7.8
CVE-2017-18482 MEDIUM
cPanel 11.54.0.0-11.54.0.35 - Authenticated Improper Input Validation in WHM enqueue_transfer_item API
CVSS 6.5
CVE-2017-18475 HIGH
cPanel 11.54.0.0-11.54.0.35 - Improper Input Validation in Exim Piped Filters
CVSS 8.8
CVE-2017-18469 MEDIUM
cPanel < 56.0.46 - Authenticated Remote Code Execution via NVData_fetchinc API
CVSS 6.3
CVE-2017-18466 LOW
cPanel 55.9999.61-62.0.16 - Improper Input Validation in Parked Domain Mail Configuration
CVSS 2.7
CVE-2017-18465 MEDIUM
cPanel 55.9999.61-62.0.16 - Improper Input Validation
CVSS 4.4
CVE-2017-18464 MEDIUM
cPanel < 56.0.46 - Arbitrary File Overwrite via WHM Zone Template Editor
CVSS 4.9
CVE-2017-18463 HIGH
cPanel < 56.0.46 - Remote Code Execution via Long DocumentRoot Path
CVSS 7.8
CVE-2017-18461 MEDIUM
cPanel 55.9999.61-56.0.45 - Security Policy Bypass via Account Rename
CVSS 4.3
CVE-2017-18460 HIGH
cPanel < 60.0.39 - Remote Code Execution during Automatic SSL Installation
CVSS 7.8
CVE-2017-18459 HIGH
cPanel 55.9999.61-61.9999.999 - Remote Code Execution during Account Modification
CVSS 7.8
Details
Vulnerabilities 12,599
Exploit Likelihood High