CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-14966 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x830000c0
CVSS 7.8
CVE-2017-14965 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x830000cc
CVSS 7.8
CVE-2017-14964 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x8300005c
CVSS 7.8
CVE-2017-14963 HIGH
IKARUS anti.virus < 2.16.18 - Arbitrary Write via ntguard.sys IOCtl 0x83000058
CVSS 7.8
CVE-2017-17804 HIGH
IKARUS anti.virus 2.16.20 - Denial of Service via IOCtl 0x83000084
CVSS 7.8
CVE-2017-17803 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x82736068
CVSS 7.8
CVE-2017-17802 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x8273E080
CVSS 7.8
CVE-2017-17801 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x8273E060
CVSS 7.8
CVE-2017-17800 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x8273A0A0
CVSS 7.8
CVE-2017-17799 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x82730068
CVSS 7.8
CVE-2017-17798 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.42 - Denial of Service via IOCtl 0x8273A0A0
CVSS 7.8
CVE-2017-17797 HIGH
IKARUS anti.virus 2.16.20 - Denial of Service via IOCtl 0x83000058
CVSS 7.8
CVE-2017-17796 HIGH
TG Soft Vir.IT eXplorer Lite 8.5.65 - Denial of Service via IOCtl 0x827300A4
CVSS 7.8
CVE-2017-17795 HIGH
IKARUS anti.virus 2.16.20 - Denial of Service via IOCtl 0x83000088
CVSS 7.8
CVE-2017-15103 HIGH
Heketi < 5.0.1 - Authenticated Remote Command Execution via API Request
CVSS 8.8
CVE-2017-14583 MEDIUM
NetApp Clustered Data ONTAP <9.1P10,9.2P2 - DoS
CVSS 6.5
CVE-2017-3191 CRITICAL
D-Link DIR-130 and DIR-330 Firmware - Unauthenticated Authentication Bypass via Login Page POST Request
CVSS 9.8
CVE-2017-17537 HIGH
MikroTik RouterBOARD 6.39.2 and 6.40.5 - Unauthenticated Denial of Service via TCP Port 53
CVSS 7.5
CVE-2017-14589 CRITICAL
Atlassian Bamboo < 6.1.6 and 6.2.0-6.2.5 - Authenticated Remote Code Execution via FreeMarker OGNL Evaluation
CVSS 9.6
CVE-2017-17565 MEDIUM
Xen < 4.9.1 - Denial of Service via M2P Assertion Failure
CVSS 5.6
CVE-2017-11936 HIGH
Microsoft SharePoint Enterprise Server 2016 - Privilege Escalation
CVSS 8.8
CVE-2017-11932 HIGH
Microsoft Exchange Server 2016 CU5- - Info Disclosure
CVSS 8.1
CVE-2017-11885 MEDIUM
Microsoft Windows RRAS Service - Remote Code Execution
CVSS 6.6
CVE-2017-16691 MEDIUM
SAP BASIS -7.02,-7.11,-7.30,-7.31,-7.40,-7.52 - Code Injection
CVSS 6.5
CVE-2017-17551 HIGH
Dolphin Browser 12.0.2 - Arbitrary File Write via Malicious Backup File
CVSS 8.8
Details
Vulnerabilities 12,622
Exploit Likelihood High