CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,620 vulnerabilities with CWE-20
CVE-2017-18052 HIGH
Android - Out-of-bounds Read in wma_mgmt_tx_bundle_completion_handler()
CVSS 7.5
CVE-2017-18051 HIGH
Android - Out-of-bounds Read in wma_rcpi_event_handler()
CVSS 7.5
CVE-2017-18050 HIGH
Android - Out-of-bounds Read in wma_tbttoffset_update_event_handler
CVSS 7.8
CVE-2017-15831 HIGH
Android - Integer Overflow in wma_ndp_end_indication_event_handler
CVSS 7.8
CVE-2017-18067 CRITICAL
Android - Buffer Overflow in lim_send_auth_mgmt_frame
CVSS 9.8
CVE-2017-18064 HIGH
Android - Buffer Overflow via P2P NOA Info in wma_send_bcn_buf_ll()
CVSS 7.8
CVE-2017-18063 HIGH
Android - Memory Corruption via Improper Input Validation in wma_nlo_match_evt_handler
CVSS 7.8
CVE-2017-18056 HIGH
Android - Out-of-bounds Read in wma_unified_bcntx_status_event_handler
CVSS 7.8
CVE-2017-14878 HIGH
Android - Denial of Service via Length Variable Overflow in Data Copy
CVSS 7.5
CVE-2017-18235 MEDIUM
Exempi < 2.4.3 - Denial of Service via Crafted WEBP File
CVSS 5.5
CVE-2017-12194 CRITICAL
spice-gtk < 0.34 - Stack-based Buffer Overflow via Malicious Server Messages
CVSS 9.8
CVE-2017-6281 HIGH
Android - Local Privilege Escalation via NVIDIA libnvomx Improper Input Validation
CVSS 7.8
CVE-2017-17304 MEDIUM
Huawei DP300 <V500R002C00 - Authenticated RCE
CVSS 6.5
CVE-2017-17226 MEDIUM
TripAdvisor < TAMobileApp-24.6.4 - XSS
CVSS 5.3
CVE-2017-17222 HIGH
Huawei eSpace 7950/8950 V200R003C30 Authenticated RCE via Import Language Package
CVSS 8.8
CVE-2017-17221 HIGH
Huawei eSpace 7950/8950 V200R003C30 Authenticated RCE via Import Signal Tone
CVSS 8.8
CVE-2017-17219 MEDIUM
Huawei SCCPX module - Memory Corruption
CVSS 5.3
CVE-2017-17170 MEDIUM
Huawei DP300 Firmware - Authenticated Business Tampering via CIDAM Protocol Message Injection
CVSS 6.5
CVE-2017-17169 MEDIUM
Huawei DP300 Firmware - Authenticated Business Tampering via CIDAM Protocol Message Injection
CVSS 6.5
CVE-2017-17168 MEDIUM
Huawei DP300 <V500R002C00 - Authenticated RCE
CVSS 6.5
CVE-2017-17148 MEDIUM
Huawei DP300 Firmware < V500R002C00 - Authenticated Denial of Service via XML File Parsing
CVSS 5.5
CVE-2017-18221 MEDIUM
Linux Kernel < 4.11.4 - Denial of Service via Mlock Accounting Corruption
CVSS 5.5
CVE-2017-8164 LOW
Huawei EVA and VIE Firmware - Denial of Service via Malicious Application Installation
CVSS 3.3
CVE-2017-17138 MEDIUM
PEM module of various Huawei products - RCE
CVSS 5.5
CVE-2017-9279 LOW
NetIQ Identity Manager <4.5.6.1 - Code Injection
CVSS 2.0
Details
Vulnerabilities 12,620
Exploit Likelihood High