The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,620 vulnerabilities with CWE-20
CVE-2017-17158
MEDIUM
Huawei <Berlin-L21HNC185B381-Prague-TL00AC01B223 - Info Disclosure
CVSS 4.6
CVE-2017-2617
HIGH
hawtio < 1.5.5 - Remote Code Execution via File Upload
CVSS 7.6
CVE-2017-14439
HIGH
Moxa EDR-810 Firmware V4.1 build 17030317 - Denial of Service via Large Packet to 4001/tcp
CVSS 7.5
CVE-2017-14438
HIGH
Moxa EDR-810 Firmware V4.1 build 17030317 - Denial of Service via Crafted Packet to 4000/tcp
CVSS 7.5
CVE-2017-12124
MEDIUM
Moxa EDR-810 V4.1 build 17030317 - Denial of Service via Crafted HTTP URI
CVSS 6.5
CVE-2017-6021
HIGH
Schneider Electric ClearSCADA < 2014 R1.1 - Denial of Service via Crafted Command Sequences
CVSS 7.5
CVE-2017-15043
HIGH
Sierrawireless Gx440 Firmware < 4.4.5 - Improper Input Validation
CVSS 8.8
CVE-2017-17318
MEDIUM
Huawei E5771h-937 Firmware < v200r001b329d05sp00c1308 - Denial of Service via HTTP Request
CVSS 6.5
CVE-2017-18262
MEDIUM
Blackboard Learn - Unvalidated Redirect via Shibboleth Login Endpoint
CVSS 6.1
CVE-2017-17258
HIGH
Huawei AR/USG/TE H323 - Resource Management Denial of Service
CVSS 7.5
CVE-2017-12701
MEDIUM
Luna CPAP Machine Firmware < 20170701 - Authenticated Denial of Service via Wi-Fi Module Input
CVSS 6.5
CVE-2017-0370
MEDIUM
MediaWiki < 1.23.16 - Spam Blacklist Bypass via Encoded URLs in File Inclusion Syntax
CVSS 5.3
CVE-2017-0368
MEDIUM
MediaWiki < 1.23.16 - Improper Input Validation in RawHTML Mode
CVSS 5.3
CVE-2017-0366
MEDIUM
MediaWiki < 1.23.16 - SVG Filter Bypass via Default Attribute Values in DTD Declaration
CVSS 5.4
CVE-2017-6148
HIGH
F5 BIG-IP 11.5.1-11.5.5, 11.6.1-11.6.2, 12.0.0-12.1.3.1, 13.0.0 - Denial of Service via SOCKS Proxy Request Handling
CVSS 7.5
CVE-2017-17308
MEDIUM
Huawei DP300, RP200, TE30, TE40, TE50, TE60 Firmware - Denial of Service via SCCPX Module Packet Handling
CVSS 5.3
CVE-2017-18074
CRITICAL
Qualcomm MDM/MSM/SD Firmware - DoS via Malformed WMA Media Header
CVSS 9.8
CVE-2017-1081
HIGH
FreeBSD < 11.0 - Denial of Service via IPFilter State Handling
CVSS 7.5
CVE-2017-12088
HIGH
Allen Bradley Micrologix 1400 <21.2 - DoS
CVSS 8.6
CVE-2017-13302
HIGH
Android 8.0 - Denial of Service in System UI
CVSS 7.5
CVE-2017-13301
HIGH
Android 8.0 - Denial of Service in System UI
CVSS 7.5
CVE-2017-13300
HIGH
Android 6.0-6.0.1 - Denial of Service in Media Framework libhevc
CVSS 7.5
CVE-2017-13295
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 8.1 - Denial of Service in Package Installer
CVSS 5.3
CVE-2017-13287
HIGH
Android 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 - Local Privilege Escalation via VerifyCredentialResponse Parcel Validation
CVSS 7.8
CVE-2017-13284
CRITICAL
Android 6.0-8.1 - Unauthenticated Bluetooth Keyboard Pairing Bypass via Improper Input Validation
CVSS 9.8
Details
Vulnerabilities
12,620
Exploit Likelihood
High