The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,622 vulnerabilities with CWE-20
CVE-2017-7669
HIGH
Apache Hadoop <3.0.0-alpha2 - Command Injection
CVSS 7.5
CVE-2017-9354
HIGH
Wireshark 2.0.0-2.0.12 - Denial of Service in RGMP Dissector
CVSS 7.5
CVE-2017-9353
HIGH
Wireshark 2.2.0-2.2.6 - Denial of Service in IPv6 Dissector
CVSS 7.5
CVE-2017-9350
HIGH
Wireshark <2.2.6, <2.0.12 - Memory Corruption
CVSS 7.5
CVE-2017-9334
HIGH
CHICKEN Scheme < 4.12.0 - Denial of Service via Improper List Length Check
CVSS 7.5
CVE-2017-4897
MEDIUM
VMware Horizon DaaS <7.0.0 - Info Disclosure
CVSS 5.5
CVE-2017-9303
MEDIUM
Laravel 5.4.x < 5.4.22 - Improper Input Validation in Password Reset URL Host
CVSS 6.1
CVE-2017-9263
MEDIUM
Open vSwitch 2.7.0 - DoS
CVSS 6.5
CVE-2017-9242
MEDIUM
Linux Kernel < 4.11.3 - Denial of Service via __ip6_append_data Race Condition
CVSS 5.5
CVE-2017-3134
HIGH
Fortinet FortiWLC-SD <= 8.2.4 - Privilege Escalation via CLI Command
CVSS 7.2
CVE-2017-9034
CRITICAL
Trend Micro ServerProtect for Linux <3.0 - RCE
CVSS 9.8
CVE-2017-0373
HIGH
Config-Model < 2.102 - Remote Code Execution via Crafted Debian Package File
CVSS 7.3
CVE-2017-9188
CRITICAL
AutoTrace 0.31.1 - Integer Overflow in BMP Input Parser
CVSS 9.8
CVE-2017-9144
MEDIUM
ImageMagick 7.0.5-5 - Memory Corruption
CVSS 6.5
CVE-2017-9142
MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-9141
MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-2540
MEDIUM
macOS < 10.12.4 - Memory Read Restriction Bypass in WindowServer
CVSS 5.5
CVE-2017-2535
HIGH
macOS < 10.12.4 - Sandbox Escape and Denial of Service via Crafted App
CVSS 7.8
CVE-2017-2511
MEDIUM
Safari < 10.1.1 - Address Bar Spoofing via Crafted Web Site
CVSS 6.5
CVE-2017-2500
MEDIUM
Safari < 10.1.1 - Address Bar Spoofing via Crafted Web Site
CVSS 4.7
CVE-2017-2495
MEDIUM
Apple Iphone OS < 10.3.1 - Improper Input Validation
CVSS 6.5
CVE-2017-6650
HIGH
Cisco NX-OS 7.1-7.3 - Authenticated Command Injection via Telnet CLI
CVSS 7.8
CVE-2017-6649
HIGH
Cisco NX-OS 7.1-7.3 - Authenticated Command Injection via CLI Arguments
CVSS 7.8
CVE-2017-6637
MEDIUM
Cisco Prime Collaboration Provisioning < 11.1 - Authenticated Arbitrary File Deletion via Directory Traversal
CVSS 6.5
CVE-2017-9131
HIGH
Mimosa Client Radios <2.2.3 - Unauthenticated RCE
CVSS 7.5
Details
Vulnerabilities
12,622
Exploit Likelihood
High