The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,621 vulnerabilities with CWE-20
CVE-2017-18077
HIGH
brace-expansion < 1.1.7 - Regular Expression Denial of Service via Comma Character Input
CVSS 7.5
CVE-2017-1516
MEDIUM
IBM Engineering Requirements Management DOORS 9.5.0.0-9.5.0.6 - Clickjacking via Malicious Website
CVSS 5.4
CVE-2017-1000402
MEDIUM
Jenkins Swarm Plugin Client <3.4 - Man-in-the-middle
CVSS 5.9
CVE-2017-1000401
LOW
Jenkins 2.73.1-2.83 - Info Disclosure
CVSS 2.2
CVE-2017-1000397
MEDIUM
Jenkins Maven Plugin <2.17 - Man-in-the-middle
CVSS 5.9
CVE-2017-1000394
HIGH
Jenkins < 2.73.1 and < 2.83 - Denial of Service via Commons-Fileupload Library
CVSS 7.5
CVE-2017-1000391
HIGH
Jenkins <2.88 & <2.73.2 - Info Disclosure
CVSS 7.3
CVE-2017-12187
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12186
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12185
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12184
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12183
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12182
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12181
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12180
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12178
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-12176
CRITICAL
xorg-x11-server <1.19.5 - RCE
CVSS 9.8
CVE-2017-15697
CRITICAL
Apache NiFi 1.0.0-1.4.0 - Remote Code Execution via X-ProxyContextPath or X-Forwarded-Context Header
CVSS 9.8
CVE-2017-12632
HIGH
Apache NiFi < 1.5.0 - Server-Side Request Forgery via Host Header
CVSS 7.5
CVE-2017-2750
CRITICAL
HP L2683a Firmware < 2405087_018552 - Improper Input Validation
CVSS 9.8
CVE-2017-15105
MEDIUM
Unbound < 1.6.8 - Improperly Implemented Security Check for Standard
CVSS 5.3
CVE-2017-15093
MEDIUM
PowerDNS Recursor 3.0-3.7.4 - Authenticated Configuration Injection via API
CVSS 5.3
CVE-2017-16594
MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-7325
HIGH
Yandex Browser < 16.9.0 - Address Bar Spoofing via window.open
CVSS 7.5
CVE-2017-17860
MEDIUM
Google Android - Improper Input Validation
CVSS 5.7
Details
Vulnerabilities
12,621
Exploit Likelihood
High