The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,622 vulnerabilities with CWE-20
CVE-2017-14388
HIGH
Cloud Foundry Foundation GrootFS <0.30.0 - Code Injection
CVSS 7.8
CVE-2017-13849
MEDIUM
iPhone OS < 11.1 - Denial of Service in CoreText via Crafted Text File
CVSS 5.5
CVE-2017-13809
HIGH
macOS < 10.13.1 - Remote Code Execution via AppleScript osadecompile Mishandling
CVSS 7.8
CVE-2017-13807
HIGH
macOS < 10.13.1 - Remote Code Execution or Denial of Service via Crafted QuickTime File
CVSS 7.8
CVE-2017-13804
MEDIUM
iPhone OS < 11.1, macOS < 10.13.1, tvOS < 11.1, watchOS < 4.1 - Arbitrary File Write via Crafted ZIP Archive
CVSS 5.5
CVE-2017-13790
MEDIUM
Safari < 11.0 - Address Bar Spoofing via Crafted Web Site
CVSS 6.5
CVE-2017-13789
MEDIUM
Safari < 11.0 - Address Bar Spoofing via Crafted Website
CVSS 6.5
CVE-2017-12802
MEDIUM
libebml2 < 2012-08-26 - Denial of Service via Crafted MKV File
CVSS 6.5
CVE-2017-12801
MEDIUM
libebml2 < 2012-08-26 - Denial of Service via Crafted MKV File
CVSS 6.5
CVE-2017-12783
MEDIUM
libebml2 < 2012-08-26 - Denial of Service via Crafted MKV File
CVSS 6.5
CVE-2017-12782
MEDIUM
libebml2 < 2012-08-26 - Denial of Service via Crafted MKV File
CVSS 6.5
CVE-2017-11461
MEDIUM
NetApp OnCommand Unified Manager - CSRF
CVSS 4.3
CVE-2017-16637
MEDIUM
Vectura Perfect Privacy VPN Manager <1.10.11 - Use After Free
CVSS 4.4
CVE-2017-14025
MEDIUM
ABB FOX515T 1.0 - Unauthenticated Arbitrary File Read via Improper Input Validation
CVSS 5.5
CVE-2017-14023
MEDIUM
Siemens SIMATIC PCS 7 <V8.1 SP1 - Auth Bypass
CVSS 4.9
CVE-2017-11177
HIGH
TRITON AP-EMAIL 8.2 - Unauthenticated Path Traversal
CVSS 7.5
CVE-2017-16547
HIGH
GraphicsMagick 1.3.26 - Denial of Service via DrawImage Function
CVSS 8.8
CVE-2017-16538
MEDIUM
Linux Kernel <= 4.13.11 - Denial of Service via Crafted USB Device in lmedm04 Driver
CVSS 6.6
CVE-2017-16237
HIGH
Vir.IT eXplorer Anti-Virus <8.5.42 - Buffer Overflow
CVSS 7.8
CVE-2017-12277
HIGH
Cisco Firepower < - Command Injection
CVSS 8.8
CVE-2017-12276
HIGH
Cisco Prime Collaboration Provisioning - SQL Injection
CVSS 8.1
CVE-2017-12275
HIGH
Cisco Wireless LAN Controllers - DoS
CVSS 7.4
CVE-2017-12274
MEDIUM
Cisco Aironet 1560, 2800, and 3800 Series Access Points - Unauthenticated Denial of Service via Malformed EAP Frame
CVSS 6.5
CVE-2017-12273
MEDIUM
Cisco Aironet 1560/2800/3800 Series DoS via Malformed 802.11 Association Request
CVSS 6.5
CVE-2017-1000122
MEDIUM
WebKitGTK+ < 2.16.3 - Denial of Service via UNIX IPC Message Metadata
CVSS 5.3
Details
Vulnerabilities
12,622
Exploit Likelihood
High