CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-7669 HIGH
Apache Hadoop <3.0.0-alpha2 - Command Injection
CVSS 7.5
CVE-2017-9354 HIGH
Wireshark 2.0.0-2.0.12 - Denial of Service in RGMP Dissector
CVSS 7.5
CVE-2017-9353 HIGH
Wireshark 2.2.0-2.2.6 - Denial of Service in IPv6 Dissector
CVSS 7.5
CVE-2017-9350 HIGH
Wireshark <2.2.6, <2.0.12 - Memory Corruption
CVSS 7.5
CVE-2017-9334 HIGH
CHICKEN Scheme < 4.12.0 - Denial of Service via Improper List Length Check
CVSS 7.5
CVE-2017-4897 MEDIUM
VMware Horizon DaaS <7.0.0 - Info Disclosure
CVSS 5.5
CVE-2017-9303 MEDIUM
Laravel 5.4.x < 5.4.22 - Improper Input Validation in Password Reset URL Host
CVSS 6.1
CVE-2017-9263 MEDIUM
Open vSwitch 2.7.0 - DoS
CVSS 6.5
CVE-2017-9242 MEDIUM
Linux Kernel < 4.11.3 - Denial of Service via __ip6_append_data Race Condition
CVSS 5.5
CVE-2017-3134 HIGH
Fortinet FortiWLC-SD <= 8.2.4 - Privilege Escalation via CLI Command
CVSS 7.2
CVE-2017-9034 CRITICAL
Trend Micro ServerProtect for Linux <3.0 - RCE
CVSS 9.8
CVE-2017-0373 HIGH
Config-Model < 2.102 - Remote Code Execution via Crafted Debian Package File
CVSS 7.3
CVE-2017-9188 CRITICAL
AutoTrace 0.31.1 - Integer Overflow in BMP Input Parser
CVSS 9.8
CVE-2017-9144 MEDIUM
ImageMagick 7.0.5-5 - Memory Corruption
CVSS 6.5
CVE-2017-9142 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-9141 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-2540 MEDIUM
macOS < 10.12.4 - Memory Read Restriction Bypass in WindowServer
CVSS 5.5
CVE-2017-2535 HIGH
macOS < 10.12.4 - Sandbox Escape and Denial of Service via Crafted App
CVSS 7.8
CVE-2017-2511 MEDIUM
Safari < 10.1.1 - Address Bar Spoofing via Crafted Web Site
CVSS 6.5
CVE-2017-2500 MEDIUM
Safari < 10.1.1 - Address Bar Spoofing via Crafted Web Site
CVSS 4.7
CVE-2017-2495 MEDIUM
Apple Iphone OS < 10.3.1 - Improper Input Validation
CVSS 6.5
CVE-2017-6650 HIGH
Cisco NX-OS 7.1-7.3 - Authenticated Command Injection via Telnet CLI
CVSS 7.8
CVE-2017-6649 HIGH
Cisco NX-OS 7.1-7.3 - Authenticated Command Injection via CLI Arguments
CVSS 7.8
CVE-2017-6637 MEDIUM
Cisco Prime Collaboration Provisioning < 11.1 - Authenticated Arbitrary File Deletion via Directory Traversal
CVSS 6.5
CVE-2017-9131 HIGH
Mimosa Client Radios <2.2.3 - Unauthenticated RCE
CVSS 7.5
Details
Vulnerabilities 12,622
Exploit Likelihood High