The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,622 vulnerabilities with CWE-20
CVE-2017-15944
CRITICAL
KEV
Palo Alto Network PAN-OS - Remote Code Execution
CVSS 9.8
CVE-2017-10897
MEDIUM
Buffalo BBR-4HG and BBR-4MG Firmware 1.00-1.48 and 2.00-2.07 - Denial of Service
CVSS 4.5
CVE-2017-15121
MEDIUM
Red Hat Enterprise Linux 6-7 - Denial of Service via FUSE Filesystem Hole Punch
CVSS 5.5
CVE-2017-13148
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Denial of Service in libmpeg2
CVSS 6.5
CVE-2017-0878
HIGH
Android 8.0 - Remote Code Execution in Media Framework libhevc
CVSS 8.8
CVE-2017-0877
HIGH
Android 6.0 - Remote Code Execution in Media Framework libavc
CVSS 8.8
CVE-2017-0876
HIGH
Android 6.0 - Remote Code Execution in Media Framework libavc
CVSS 8.8
CVE-2017-0874
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Denial of Service in Media Framework
CVSS 6.5
CVE-2017-0873
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Denial of Service in Media Framework
CVSS 6.5
CVE-2017-0872
HIGH
Android 7.0-8.0 - Remote Code Execution in libskia
CVSS 8.8
CVE-2017-15868
HIGH
Linux Kernel < 3.19 - Local Privilege Escalation via BNEP Connection Handling
CVSS 7.8
CVE-2017-14914
CRITICAL
Android for MSM - Use-After-Free via Stale Global Client Structure Handles
CVSS 9.8
CVE-2017-14909
CRITICAL
Android for MSM - Improper Input Validation in Count Value Handling
CVSS 9.8
CVE-2017-14908
CRITICAL
Android for MSM - Improper Input Validation in SafeSwitch Test Application
CVSS 9.8
CVE-2017-15707
MEDIUM
Apache Struts 2.5-2.5.14 - Denial of Service via Malicious JSON Payload
CVSS 6.2
CVE-2017-17086
CRITICAL
Indeo Otter < 1.7.4 - Denial of Service via Script Tag Injection in Plan Editor
CVSS 9.8
CVE-2017-17065
HIGH
D-Link DIR-605L Model B <FW2.11betaB06_hbrf - DoS
CVSS 7.5
CVE-2017-12367
CRITICAL
Cisco WebEx Network Recording Player - DoS
CVSS 9.6
CVE-2017-12355
MEDIUM
Cisco IOS XR - Denial of Service via Crafted XML Requests
CVSS 5.3
CVE-2017-12338
MEDIUM
Cisco NX-OS System Software - Info Disclosure
CVSS 6.0
CVE-2017-12336
MEDIUM
Cisco NX-OS - Authenticated Command Execution via TCL Scripting Subsystem
CVSS 4.2
CVE-2017-12334
MEDIUM
Cisco NX-OS System Software - Command Injection
CVSS 6.7
CVE-2017-12328
MEDIUM
Cisco IP Phone 8800 Series - Denial of Service via Malformed SIP Packet Header
CVSS 5.8
CVE-2017-12297
MEDIUM
Cisco WebEx Meeting Center - Authenticated URL Redirection via HTTP Traffic
CVSS 5.0
CVE-2017-16952
MEDIUM
KMPlayer 4.2.2.4 - Denial of Service via Crafted NSV File
CVSS 5.5
Details
Vulnerabilities
12,622
Exploit Likelihood
High