The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,599 vulnerabilities with CWE-20
CVE-2017-18103
MEDIUM
atlassian-http < 2.0.2 - Content Spoofing via application/mathml+xml Upload
CVSS 4.7
CVE-2017-15137
MEDIUM
OpenShift - Improper Input Validation in Image Import Whitelist
CVSS 4.3
CVE-2017-18155
HIGH
Qualcomm Msm8996au Firmware - Improper Input Validation
CVSS 7.8
CVE-2017-3197
CRITICAL
GIGABYTE BRIX UEFI - Info Disclosure
CVSS 9.8
CVE-2017-16816
MEDIUM
HTCondor < 8.6.8 and 8.7.x < 8.7.5 - Authenticated Denial of Service in condor_schedd via GSI and VOMS Extensions
CVSS 6.5
CVE-2017-17175
MEDIUM
Huawei Mate 9 Pro <LON-AL00B 8.0.0.354(C00) - DoS
CVSS 6.5
CVE-2017-9312
HIGH
Allen-Bradley L30ERMS Firmware < 30 - Denial of Service via Crafted TCP Packet
CVSS 7.5
CVE-2017-7466
HIGH
Ansible < 2.3 - Remote Code Execution via Client Fact Data
CVSS 8.0
CVE-2017-2669
LOW
Dovecot < 2.2.29 - Denial of Service via Crafted %variable Expansion in dict Authentication
CVSS 3.7
CVE-2017-12070
HIGH
OPC Foundation DLLs - Code Injection
CVSS 8.8
CVE-2017-17173
HIGH
Huawei Mate 9 Pro <LON-AL00B 8.0.0.356(C00) - Use After Free
CVSS 7.8
CVE-2017-17443
MEDIUM
OPC Foundation Local Discovery Server - Denial of Service via Configuration File Tampering
CVSS 6.5
CVE-2017-7838
MEDIUM
Firefox < 57 - Limited Spoofing via Punycode Subdomain Display
CVSS 5.3
CVE-2017-7837
MEDIUM
Firefox < 57 - Cookie Injection via SVG Meta Tags in IMG Elements
CVSS 5.3
CVE-2017-7833
MEDIUM
Firefox < 57 - Domain Spoofing via Arabic and Indic Vowel Marker Characters
CVSS 5.3
CVE-2017-7832
MEDIUM
Firefox < 57 - Domain Spoofing via Unicode Dotless 'i' Character
CVSS 5.3
CVE-2017-7829
MEDIUM
Thunderbird < 52.5.2 - Email Sender Address Spoofing via Null Character Injection
CVSS 5.3
CVE-2017-7825
MEDIUM
Debian Linux < 52.4.0 - Improper Input Validation
CVSS 5.3
CVE-2017-7817
MEDIUM
Firefox < 56 - Spoofing via Fullscreen Mode Address Bar
CVSS 5.3
CVE-2017-7816
MEDIUM
Firefox < 56 - Privileged URL Access via WebExtension Popup
CVSS 5.3
CVE-2017-7815
MEDIUM
Firefox < 56 - Modal Dialog Origin Spoofing via Data URL in Iframe
CVSS 5.3
CVE-2017-7814
HIGH
Redhat Enterprise Linux Desktop < 52.4.0 - Improper Input Validation
CVSS 7.8
CVE-2017-7807
HIGH
Debian Linux < 55.0 - Improper Input Validation
CVSS 8.1
CVE-2017-7804
HIGH
Firefox < 55 and Thunderbird < 52.3 - Memory Protection Bypass via WindowsDllDetourPatcher Destructor
CVSS 7.5
CVE-2017-7796
MEDIUM
Firefox < 55.0 - Arbitrary File Deletion via Windows Updater Logger Path Manipulation
CVSS 4.7
Details
Vulnerabilities
12,599
Exploit Likelihood
High