CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-5072 MEDIUM
Google Chrome < 59.0.3071.92 for Android - Domain Spoofing via RTL Character URL
CVSS 6.5
CVE-2017-5071 MEDIUM
Google Chrome <59.0.3071.86-59.0.3071.92 - Info Disclosure
CVSS 6.3
CVE-2017-5067 MEDIUM
Google Chrome <58.0.3029.81 - Info Disclosure
CVSS 6.5
CVE-2017-5065 MEDIUM
Google Chrome <58.0.3029.81 - Info Disclosure
CVSS 4.7
CVE-2017-15879 HIGH
KeystoneJS < 4.0.0-beta.7 - CSV Injection via CSV Export
CVSS 8.8
CVE-2017-1210 HIGH
IBM Daeja ViewONE 4.1.5.1 and 5.0.2 - Unauthenticated Log File Data Injection
CVSS 7.5
CVE-2017-14696 HIGH
SaltStack Salt DoS via Crafted Authentication Request
CVSS 7.5
CVE-2017-7126 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7125 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7124 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7123 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7122 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7121 CRITICAL
macOS < 10.12.6 - Denial of Service via file Product Input Validation
CVSS 9.8
CVE-2017-7119 MEDIUM
Apple <10.13 - Privilege Escalation
CVSS 5.5
CVE-2017-7118 MEDIUM
iPhone OS < 10.3.3 - Denial of Service via Crafted Image in Messages
CVSS 5.5
CVE-2017-7106 MEDIUM
Safari < 10.1.2 - Address Bar Spoofing via WebKit
CVSS 6.5
CVE-2017-7085 MEDIUM
Safari < 10.1.2 - Address Bar Spoofing via Improper Input Validation
CVSS 6.5
CVE-2017-7083 MEDIUM
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Denial of Service in CFNetwork Proxies
CVSS 4.9
CVE-2017-7074 MEDIUM
macOS < 10.12.6 - Denial of Service via Crafted App
CVSS 5.5
CVE-2017-7072 MEDIUM
iPhone OS < 10.3.3 - Denial of Service in iBooks via Crafted File
CVSS 5.5
CVE-2017-6141 MEDIUM
F5 BIG-IP 12.1.0-12.1.2 DoS via TLS Abbreviated Handshake
CVSS 5.9
CVE-2017-2132 HIGH
Panasonic KX-HJB1000 - Path Traversal
CVSS 7.5
CVE-2017-15651 MEDIUM
PRTG Network Monitor 17.3.33.2830 - Authenticated Remote Code Execution via .exe File Upload
CVSS 6.7
CVE-2017-10955 HIGH
Dell EMC Data Protection Advisor 6.3.0 - Authenticated Remote Code Execution via preScript Parameter
CVSS 8.8
CVE-2017-12301 MEDIUM
Cisco NX-OS - Authenticated Command Injection via Python Scripting Subsystem
CVSS 6.7
Details
Vulnerabilities 12,622
Exploit Likelihood High