The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,622 vulnerabilities with CWE-20
CVE-2017-12287
MEDIUM
Cisco Expressway Series/Cisco VCS - DoS
CVSS 4.3
CVE-2017-12286
MEDIUM
Cisco Jabber - Authenticated Information Disclosure via Web Interface
CVSS 5.5
CVE-2017-12285
MEDIUM
Cisco Network Analysis Module Software - Path Traversal
CVSS 5.3
CVE-2017-15591
MEDIUM
Xen 4.5.x-4.9.x - Denial of Service via DMOP Map/Unmap Implementation
CVSS 6.5
CVE-2017-3759
HIGH
Lenovo Service Framework - Remote Code Execution via Improper Server Response Validation
CVSS 8.1
CVE-2017-0316
HIGH
GeForce Experience 3.x < 3.10.0.55 - Denial of Service or Privilege Escalation via Unvalidated User Input
CVSS 7.8
CVE-2017-10615
CRITICAL
Junos OS 14.1R5-14.1R8-S3, 14.1R9 and 14.1X53 < D50 - Unauthenticated Remote Code Execution via PAM
CVSS 9.8
CVE-2017-10610
HIGH
Juniper Junos OS DoS via Crafted ICMP Packet in NAT64 Tunnel
CVSS 7.5
CVE-2017-15012
HIGH
OpenText Documentum Content Server < 7.3 - Authenticated Arbitrary File Read via PUT_FILE RPC Command
CVSS 8.8
CVE-2017-11782
HIGH
Microsoft Windows 10 1607 & Windows Server 2016 - Privilege Escalation
CVSS 7.8
CVE-2017-11781
HIGH
Microsoft Windows SMB - Denial of Service via Specially Crafted Requests
CVSS 7.5
CVE-2017-11771
CRITICAL
Windows Search - Remote Code Execution via DNS Response Handling
CVSS 9.8
CVE-2017-11763
HIGH
Microsoft Graphics Component - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2017-11762
HIGH
Microsoft Graphics Component - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2017-15285
HIGH
X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 - Remote Code Execution via Attachments Section
CVSS 8.8
CVE-2017-8025
HIGH
RSA Archer GRC Platform < 6.2.0.5 - Unauthenticated Arbitrary File Upload via Attachment Feature
CVSS 7.4
CVE-2017-5721
HIGH
Intel NUC7i3BNK NUC7i3BNH NUC7i5BNK NUC7i5BNH NUC7i7BNH <= BN0049 - Arbitrary Code Execution via Memory Manipulation
CVSS 7.5
CVE-2017-8994
CRITICAL
HPE Operations Orchestration <10.80 - RCE
CVSS 9.8
CVE-2017-15185
MEDIUM
libmp3splt 0.9.2 - Denial of Service via Crafted OGG File
CVSS 5.0
CVE-2017-9272
HIGH
Micro Focus Bi-directional Driver < 4.0.3.0 - Denial of Service
CVSS 7.5
CVE-2017-1002153
HIGH
Koji 1.13.0 - Improper Input Validation in SCM Path Handling
CVSS 7.5
CVE-2017-14087
HIGH
Trend Micro OfficeScan XG 12.0 - Host Header Injection
CVSS 7.5
CVE-2017-12264
MEDIUM
Cisco Meeting Server - Unauthenticated Denial of Service via Malicious HTTP Packet
CVSS 5.3
CVE-2017-12246
HIGH
Cisco Adaptive Security Appliance Software - Unauthenticated Denial of Service via HTTP Header Input Validation
CVSS 8.6
CVE-2017-12244
HIGH
Cisco Firepower System Software - DoS
CVSS 8.6
Details
Vulnerabilities
12,622
Exploit Likelihood
High