CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-17850 HIGH
Asterisk < 13.18.4, < 14.7.4, < 15.1.4, and < 13.18-cert1 - Denial of Service via Missing Contact Header in SIP Messages
CVSS 7.5
CVE-2017-17846 HIGH
Enigmail < 1.9.9 - Denial of Service via Regular Expression Matching
CVSS 7.5
CVE-2017-13858 HIGH
macOS < 10.13.2 - Remote Code Execution in IOKit
CVSS 7.8
CVE-2017-13848 HIGH
macOS < 10.13.2 - Remote Code Execution in IOKit
CVSS 7.8
CVE-2017-14022 HIGH
Rockwell Automation FactoryTalk Alarms and Events <2.90 - DoS
CVSS 7.5
CVE-2017-15324 HIGH
Huawei S5700 and S6700 V200R005C00 - Denial of Service via Malformed NQA Packets
CVSS 7.5
CVE-2017-15322 MEDIUM
Huawei Baggio-L03A Firmware - Denial of Service via NFC Message Input Validation
CVSS 6.5
CVE-2017-15310 MEDIUM
Huawei iReader < 8.0.2.301 - Arbitrary File Deletion via Input Validation Bypass
CVSS 6.5
CVE-2017-15308 HIGH
Huawei iReader < 8.0.2.301 - Remote Code Execution via URL Input Validation
CVSS 8.8
CVE-2017-10908 HIGH
Dena H2o < 2.2.3 - Improper Input Validation
CVSS 7.5
CVE-2017-10868 HIGH
Dena H2o < 2.2.3 - Improper Input Validation
CVSS 7.5
CVE-2017-6164 HIGH
F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.0-11.5.4 - DoS or RCE via Malformed TLS1.2 Records
CVSS 8.1
CVE-2017-6140 HIGH
F5 BIG-IP LTM AAM AFM Analytics ASM DNS GTM PEM 11.5.0-12.1.2 - Denial of Service via SSL Profile Packet Sequence
CVSS 7.5
CVE-2017-6138 HIGH
F5 BIG-IP 12.1.0-12.1.2, 13.0.0 DoS via Malicious HTTP Requests
CVSS 7.5
CVE-2017-6136 MEDIUM
F5 BIG-IP 12.0.0-12.1.2, 13.0.0 DoS via TCP Fast Open and Tail Loss Probe
CVSS 5.9
CVE-2017-6134 MEDIUM
F5 BIG-IP 11.5.1-11.6.1, 12.1.0-12.1.2, 13.0.0 DoS via Adjacent Network Packet Sequence
CVSS 6.5
CVE-2017-6133 HIGH
F5 BIG-IP 12.1.0-12.1.2, 13.0.0 DoS via Undisclosed HTTP Requests
CVSS 7.5
CVE-2017-6132 HIGH
F5 BIG-IP 11.5.0-11.5.4, 11.6.0-11.6.1, 12.0.0-12.1.2, 13.0.0 - DoS via HA State Mirror Listener
CVSS 7.5
CVE-2017-6129 HIGH
F5 BIG-IP APM 12.1.2, 13.0.0 - Denial of Service via VPN/PPP Connflow Handling
CVSS 7.5
CVE-2017-17831 HIGH
Git LFS < 2.1.1 - Remote Code Execution via SSH URL Hostname
CVSS 8.8
CVE-2017-17810 MEDIUM
Netwide Assembler 2.14rc0 - Denial of Service via Macro Call Argument Mishandling
CVSS 5.5
CVE-2017-17805 HIGH
Linux Kernel < 4.14.8 - Denial of Service via Salsa20 Zero-Length Input Handling
CVSS 7.8
CVE-2017-1696 HIGH
IBM QRadar 7.2-7.3 - Command Injection
CVSS 8.8
CVE-2017-14968 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x830000c4
CVSS 7.8
CVE-2017-14967 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x83000080
CVSS 7.8
Details
Vulnerabilities 12,622
Exploit Likelihood High