CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-1541 HIGH
IBM AIX 5.3 6.1 7.1 7.2 - Improper Input Validation in JRE/SDK Install/Update Packages
CVSS 7.3
CVE-2017-9538 MEDIUM
SolarWinds Network Performance Monitor <12.0.15300.90 - DoS
CVSS 4.9
CVE-2017-8018 HIGH
EMC AppSync host plug-in <= 3.5 - Denial of Service
CVSS 7.5
CVE-2017-14771 MEDIUM
Skybox Manager Client Application <8.5.501 - File Upload
CVSS 5.5
CVE-2017-13704 HIGH
Canonical Ubuntu Linux < 2.77 - Improper Input Validation
CVSS 7.5
CVE-2017-14944 HIGH
Inedo ProGet < 4.7.13 - Improper Input Validation during Package Addition
CVSS 7.5
CVE-2017-14935 HIGH
Pulse Secure Pulse One On-Premise <= 2.0.1649 - Information Disclosure via Improper Request Validation
CVSS 7.5
CVE-2017-12240 CRITICAL KEV
Cisco IOS 12.2-15.6 and IOS XE - Unauthenticated Remote Code Execution via DHCPv4 Packet Buffer Overflow
CVSS 9.8
CVE-2017-12235 HIGH KEV
Cisco IOS 12.2-15.6 - Unauthenticated Denial of Service via PN-DCP Identify Request Packet Parsing
CVSS 7.5
CVE-2017-12234 HIGH KEV
Cisco IOS 12.4-15.6 - Unauthenticated Denial of Service via CIP Packet Parsing
CVSS 7.5
CVE-2017-12233 HIGH KEV
Cisco IOS 12.4-15.6 - Unauthenticated Denial of Service via CIP Packet Parsing
CVSS 7.5
CVE-2017-12228 MEDIUM
Cisco Network Plug and Play - Info Disclosure
CVSS 5.9
CVE-2017-12226 HIGH
Cisco IOS XE - Privilege Escalation
CVSS 8.8
CVE-2017-12222 MEDIUM
Cisco IOS XE 16.1-16.3.3 - Unauthenticated Denial of Service via Crafted Association Request
CVSS 6.5
CVE-2017-1000252 MEDIUM
Linux Kernel < 4.13.3 - Denial of Service via Out-of-Bounds Guest IRQ Value
CVSS 5.5
CVE-2017-1555 MEDIUM
IBM API Connect 5.0.0.0-5.0.7.2 - Authenticated API Token Generation Bypass
CVSS 4.3
CVE-2017-1551 MEDIUM
IBM API Connect - Improper Input Validation
CVSS 6.1
CVE-2017-6277 HIGH
NVIDIA GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Handler
CVSS 7.8
CVE-2017-6272 HIGH
NVIDIA GPU Display Driver - Denial of Service or Privilege Escalation via Kernel Mode Layer Handler
CVSS 7.8
CVE-2017-6269 HIGH
NVIDIA Windows GPU Display Driver - DoS or Privilege Escalation via DxgkDdiEscape Handler
CVSS 7.8
CVE-2017-6268 HIGH
NVIDIA GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Handler
CVSS 7.8
CVE-2017-14650 HIGH
Horde_Image 2.0.0-2.5.1 - Remote Code Execution via ImageMagick Command Line Index Field
CVSS 8.1
CVE-2017-14320 HIGH
Mirasvit Helpdesk MX < 1.5.2 - Remote Code Execution via Unfiltered File Upload
CVSS 8.0
CVE-2017-14635 HIGH
OTRS <3.3.18-5.0.23 - Privilege Escalation
CVSS 8.8
CVE-2017-12255 MEDIUM
Cisco UCS Central Software - Authenticated Restricted Shell Break via CLI Command Injection
CVSS 6.7
Details
Vulnerabilities 12,622
Exploit Likelihood High