CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-11673 CRITICAL
Acunetix Web Vulnerability Scanner - Remote Code Execution via Malformed PRE File
CVSS 9.8
CVE-2017-11638 HIGH
GraphicsMagick 1.3.26 - Memory Corruption
CVSS 8.8
CVE-2017-11613 MEDIUM
LibTIFF 4.0.8 - Denial of Service via TIFFOpen Function
CVSS 6.5
CVE-2017-6751 HIGH
Cisco Web Security Appliance - Unauthenticated Access Control Bypass via Web Proxy Interface
CVSS 7.5
CVE-2017-6746 HIGH
Cisco Web Security Appliance - Command Injection
CVSS 7.2
CVE-2017-9457 MEDIUM
Intense PC Phoenix SecureCore - Privilege Escalation
CVSS 6.7
CVE-2017-11499 HIGH
Node.js 4.0-4.8.3 5.x 6.0-6.11.0 7.0-7.10.0 8.0-8.1.3 - Denial of Service via Hash Flooding
CVSS 7.5
CVE-2017-11555 HIGH
LibSass 3.4.5 - Denial of Service via Illegal Address Access in Eval::operator
CVSS 7.5
CVE-2017-11553 HIGH
Exiv2 0.26 - Denial of Service via Illegal Address Access in extend_alias_table
CVSS 7.5
CVE-2017-1267 HIGH
IBM Security Guardium 10.0-10.1 - Unauthenticated Code Execution via Unverified Patch Processing
CVSS 7.5
CVE-2017-11495 CRITICAL
PHICOMM K2(PSG1218) <V22.5.11.5 - RCE
CVSS 9.8
CVE-2017-7064 MEDIUM
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - Info Disclosure
CVSS 5.5
CVE-2017-7060 MEDIUM
Safari < 10.1.2 and iPhone OS < 10.3.3 - Denial of Service via Safari Printing
CVSS 6.5
CVE-2017-7045 MEDIUM
macOS < 10.12.6 - Memory Read Restriction Bypass in Intel Graphics Driver
CVSS 5.5
CVE-2017-7011 MEDIUM
Safari < 10.1.2 and iPhone OS < 10.3.2 - Address Bar Spoofing via FRAME Elements
CVSS 6.5
CVE-2017-2517 MEDIUM
iPhone OS < 10.3.3 - Address Bar Spoofing in Safari
CVSS 6.5
CVE-2017-11411 HIGH
Wireshark <= 2.0.13 and 2.2.x <= 2.2.7 - Denial of Service in openSAFETY Dissector
CVSS 7.5
CVE-2017-11410 HIGH
Wireshark <= 2.0.13 and 2.2.x <= 2.2.7 - Denial of Service via WBXML Dissector Infinite Loop
CVSS 7.5
CVE-2017-11408 HIGH
Wireshark 2.2.0-2.2.7 and 2.0.0-2.0.13 - Denial of Service in AMQP Dissector
CVSS 7.5
CVE-2017-11407 HIGH
Wireshark 2.0.0-2.0.13 - Denial of Service in MQ Dissector
CVSS 7.5
CVE-2017-9811 CRITICAL
Kaspersky Anti-Virus for Linux File Server < 8.0.3.297 - Privilege Escalation via Quarantine Operations
CVSS 9.8
CVE-2017-8004 HIGH
RSA Identity Governance and Lifecycle 7.0.1-7.0.2 - Arbitrary File Upload and Remote Code Execution
CVSS 7.2
CVE-2017-2347 MEDIUM
Juniper Networks Junos OS <14.2 - DoS
CVSS 6.5
CVE-2017-2345 CRITICAL
Junos OS - Unauthenticated Denial of Service and Remote Code Execution via Crafted SNMP Packet
CVSS 9.8
CVE-2017-2314 HIGH
Juniper Networks Junos OS <12.3R12-S4-13.3R4-S11 - DoS
CVSS 7.5
Details
Vulnerabilities 12,622
Exploit Likelihood High