The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,621 vulnerabilities with CWE-20
CVE-2017-17283
MEDIUM
Huawei DP300, RP200, TE30, TE40, TE50, TE60 Firmware - Out-of-bounds Read via SIP Message
CVSS 5.3
CVE-2017-17201
MEDIUM
Huawei Berlin-L21HNC432B360 & others - DoS via Malicious App Execution
CVSS 5.5
CVE-2017-17186
MEDIUM
Huawei DP300, RP200, TE30, TE40, TE50, TE60 Firmware - Denial of Service via Malformed SOAP Packets
CVSS 5.4
CVE-2017-17159
MEDIUM
Huawei NXT-AL10C00B386 et al - DoS
CVSS 6.5
CVE-2017-17157
HIGH
Huawei IPS Module <V500R001C00 - RCE
CVSS 7.5
CVE-2017-17156
HIGH
Huawei IPS/V500R001C00- - Memory Corruption
CVSS 7.5
CVE-2017-17154
HIGH
Huawei IPS Module <V500R001C00 - RCE
CVSS 7.5
CVE-2017-17153
HIGH
Huawei IPS/VNGFW Module <multiple versions - RCE
CVSS 7.5
CVE-2017-17152
MEDIUM
Huawei IPS/VNGFW Module <multiple versions - RCE
CVSS 5.9
CVE-2017-17151
MEDIUM
Huawei Various - Unauthenticated RCE
CVSS 5.9
CVE-2017-15348
HIGH
Huawei IPS Module V500R001C00 - Unauthenticated Denial of Service via MPLS Echo Request
CVSS 7.5
CVE-2017-15346
MEDIUM
Huawei S Series Switches - Denial of Service via Malicious XML File Parsing
CVSS 4.7
CVE-2017-15333
MEDIUM
Huawei S12700 S1700 S5700 S6700 S7700 S9700 eCNS210_TD Firmware - Denial of Service via XML Parser
CVSS 4.7
CVE-2017-18088
MEDIUM
Atlassian Bitbucket 5.3.0-5.3.6 5.4.0-5.4.5 5.5.0-5.5.5 5.6.0-5.6.2 5.7.0 - Clickjacking via Plugin Servlet Resources
CVSS 4.3
CVE-2017-15699
MEDIUM
Apache Qpid Dispatch Router 0.7.0 and 0.8.0 - Denial of Service via Crafted AMQP Frame
CVSS 6.5
CVE-2017-13229
CRITICAL
Android 7.0 7.1.1 7.1.2 8.0 8.1 - Remote Code Execution in Media Framework
CVSS 9.8
CVE-2017-15394
MEDIUM
Google Chrome < 62.0.3202.62 - Domain Spoofing via IDN Homographs in Extension Permission Dialogs
CVSS 6.5
CVE-2017-15392
MEDIUM
Google Chrome < 62.0.3202.62 - Heap Corruption via Crafted Windows Registry Entry
CVSS 4.3
CVE-2017-15390
MEDIUM
Google Chrome < 62.0.3202.62 - Domain Spoofing via IDN Homographs in Omnibox
CVSS 6.5
CVE-2017-15389
MEDIUM
Google Chrome < 62.0.3202.62 - URL Spoofing via Omnibox Manipulation
CVSS 6.5
CVE-2017-15386
MEDIUM
Google Chrome < 62.0.3202.62 - URL Spoofing via Omnibox Manipulation
CVSS 6.5
CVE-2017-12473
HIGH
ccn-lite < 2.0.0 - Denial of Service via Malformed Packet L Values
CVSS 7.5
CVE-2017-6169
MEDIUM
F5 BIG-IP Policy Enforcement Manager 11.6.0-11.6.2, 12.0.0-12.1.3, 13.0.0 - DoS via Malformed URL
CVSS 6.8
CVE-2017-18123
HIGH
DokuWiki < 2017-02-19e - Reflected File Download via AJAX Call Parameter
CVSS 8.6
CVE-2017-2296
MEDIUM
Puppet Enterprise 2017.1.x and 2017.2.1 - Denial of Service via Specially Formatted Classifier Node Group Names
CVSS 6.5
Details
Vulnerabilities
12,621
Exploit Likelihood
High