The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,620 vulnerabilities with CWE-20
CVE-2017-16816
MEDIUM
HTCondor < 8.6.8 and 8.7.x < 8.7.5 - Authenticated Denial of Service in condor_schedd via GSI and VOMS Extensions
CVSS 6.5
CVE-2017-17175
MEDIUM
Huawei Mate 9 Pro <LON-AL00B 8.0.0.354(C00) - DoS
CVSS 6.5
CVE-2017-9312
HIGH
Allen-Bradley L30ERMS Firmware < 30 - Denial of Service via Crafted TCP Packet
CVSS 7.5
CVE-2017-7466
HIGH
Ansible < 2.3 - Remote Code Execution via Client Fact Data
CVSS 8.0
CVE-2017-2669
LOW
Dovecot < 2.2.29 - Denial of Service via Crafted %variable Expansion in dict Authentication
CVSS 3.7
CVE-2017-12070
HIGH
OPC Foundation DLLs - Code Injection
CVSS 8.8
CVE-2017-17173
HIGH
Huawei Mate 9 Pro <LON-AL00B 8.0.0.356(C00) - Use After Free
CVSS 7.8
CVE-2017-17443
MEDIUM
OPC Foundation Local Discovery Server - Denial of Service via Configuration File Tampering
CVSS 6.5
CVE-2017-7838
MEDIUM
Firefox < 57 - Limited Spoofing via Punycode Subdomain Display
CVSS 5.3
CVE-2017-7837
MEDIUM
Firefox < 57 - Cookie Injection via SVG Meta Tags in IMG Elements
CVSS 5.3
CVE-2017-7833
MEDIUM
Firefox < 57 - Domain Spoofing via Arabic and Indic Vowel Marker Characters
CVSS 5.3
CVE-2017-7832
MEDIUM
Firefox < 57 - Domain Spoofing via Unicode Dotless 'i' Character
CVSS 5.3
CVE-2017-7829
MEDIUM
Thunderbird < 52.5.2 - Email Sender Address Spoofing via Null Character Injection
CVSS 5.3
CVE-2017-7825
MEDIUM
Debian Linux < 52.4.0 - Improper Input Validation
CVSS 5.3
CVE-2017-7817
MEDIUM
Firefox < 56 - Spoofing via Fullscreen Mode Address Bar
CVSS 5.3
CVE-2017-7816
MEDIUM
Firefox < 56 - Privileged URL Access via WebExtension Popup
CVSS 5.3
CVE-2017-7815
MEDIUM
Firefox < 56 - Modal Dialog Origin Spoofing via Data URL in Iframe
CVSS 5.3
CVE-2017-7814
HIGH
Redhat Enterprise Linux Desktop < 52.4.0 - Improper Input Validation
CVSS 7.8
CVE-2017-7807
HIGH
Debian Linux < 55.0 - Improper Input Validation
CVSS 8.1
CVE-2017-7804
HIGH
Firefox < 55 and Thunderbird < 52.3 - Memory Protection Bypass via WindowsDllDetourPatcher Destructor
CVSS 7.5
CVE-2017-7796
MEDIUM
Firefox < 55.0 - Arbitrary File Deletion via Windows Updater Logger Path Manipulation
CVSS 4.7
CVE-2017-7791
MEDIUM
Debian Linux < 52.3.0 - Improper Input Validation
CVSS 5.3
CVE-2017-7783
HIGH
Firefox < 55.0 - Denial of Service via Long Username in URL Authentication Prompt
CVSS 7.5
CVE-2017-7770
MEDIUM
Firefox < 54.0 - Address Bar Spoofing via Fullscreen Mode
CVSS 5.9
CVE-2017-7765
HIGH
Firefox < 54 and Firefox ESR < 52.2 - Security Feature Bypass via Long Filename Download
CVSS 7.5
Details
Vulnerabilities
12,620
Exploit Likelihood
High