CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,620 vulnerabilities with CWE-20
CVE-2017-17158 MEDIUM
Huawei <Berlin-L21HNC185B381-Prague-TL00AC01B223 - Info Disclosure
CVSS 4.6
CVE-2017-2617 HIGH
hawtio < 1.5.5 - Remote Code Execution via File Upload
CVSS 7.6
CVE-2017-14439 HIGH
Moxa EDR-810 Firmware V4.1 build 17030317 - Denial of Service via Large Packet to 4001/tcp
CVSS 7.5
CVE-2017-14438 HIGH
Moxa EDR-810 Firmware V4.1 build 17030317 - Denial of Service via Crafted Packet to 4000/tcp
CVSS 7.5
CVE-2017-12124 MEDIUM
Moxa EDR-810 V4.1 build 17030317 - Denial of Service via Crafted HTTP URI
CVSS 6.5
CVE-2017-6021 HIGH
Schneider Electric ClearSCADA < 2014 R1.1 - Denial of Service via Crafted Command Sequences
CVSS 7.5
CVE-2017-15043 HIGH
Sierrawireless Gx440 Firmware < 4.4.5 - Improper Input Validation
CVSS 8.8
CVE-2017-17318 MEDIUM
Huawei E5771h-937 Firmware < v200r001b329d05sp00c1308 - Denial of Service via HTTP Request
CVSS 6.5
CVE-2017-18262 MEDIUM
Blackboard Learn - Unvalidated Redirect via Shibboleth Login Endpoint
CVSS 6.1
CVE-2017-17258 HIGH
Huawei AR/USG/TE H323 - Resource Management Denial of Service
CVSS 7.5
CVE-2017-12701 MEDIUM
Luna CPAP Machine Firmware < 20170701 - Authenticated Denial of Service via Wi-Fi Module Input
CVSS 6.5
CVE-2017-0370 MEDIUM
MediaWiki < 1.23.16 - Spam Blacklist Bypass via Encoded URLs in File Inclusion Syntax
CVSS 5.3
CVE-2017-0368 MEDIUM
MediaWiki < 1.23.16 - Improper Input Validation in RawHTML Mode
CVSS 5.3
CVE-2017-0366 MEDIUM
MediaWiki < 1.23.16 - SVG Filter Bypass via Default Attribute Values in DTD Declaration
CVSS 5.4
CVE-2017-6148 HIGH
F5 BIG-IP 11.5.1-11.5.5, 11.6.1-11.6.2, 12.0.0-12.1.3.1, 13.0.0 - Denial of Service via SOCKS Proxy Request Handling
CVSS 7.5
CVE-2017-17308 MEDIUM
Huawei DP300, RP200, TE30, TE40, TE50, TE60 Firmware - Denial of Service via SCCPX Module Packet Handling
CVSS 5.3
CVE-2017-18074 CRITICAL
Qualcomm MDM/MSM/SD Firmware - DoS via Malformed WMA Media Header
CVSS 9.8
CVE-2017-1081 HIGH
FreeBSD < 11.0 - Denial of Service via IPFilter State Handling
CVSS 7.5
CVE-2017-12088 HIGH
Allen Bradley Micrologix 1400 <21.2 - DoS
CVSS 8.6
CVE-2017-13302 HIGH
Android 8.0 - Denial of Service in System UI
CVSS 7.5
CVE-2017-13301 HIGH
Android 8.0 - Denial of Service in System UI
CVSS 7.5
CVE-2017-13300 HIGH
Android 6.0-6.0.1 - Denial of Service in Media Framework libhevc
CVSS 7.5
CVE-2017-13295 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 8.1 - Denial of Service in Package Installer
CVSS 5.3
CVE-2017-13287 HIGH
Android 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 - Local Privilege Escalation via VerifyCredentialResponse Parcel Validation
CVSS 7.8
CVE-2017-13284 CRITICAL
Android 6.0-8.1 - Unauthenticated Bluetooth Keyboard Pairing Bypass via Improper Input Validation
CVSS 9.8
Details
Vulnerabilities 12,620
Exploit Likelihood High