CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,622 vulnerabilities with CWE-20
CVE-2017-6619 HIGH
Cisco Integrated Management Controller 3.0(1c) - Authenticated Remote Code Execution via HTTP POST Request
CVSS 8.8
CVE-2017-6616 HIGH
Cisco Integrated Management Controller 3.0(1c) - Authenticated Remote Code Execution via HTTP Request
CVSS 8.8
CVE-2017-6613 MEDIUM
Cisco Prime Network Registrar < 8.3.5 - Unauthenticated Denial of Service via Malformed DNS Packet
CVSS 5.8
CVE-2017-6610 HIGH
Cisco Adaptive Security Appliance Software - Denial of Service via IKEv1 XAUTH Parameter Validation
CVSS 7.7
CVE-2017-7692 HIGH
SquirrelMail <20170427_0200-SVN - RCE
CVSS 8.8
CVE-2017-7283 HIGH
Unitrends Enterprise Backup <9.1.2 - Command Injection
CVSS 8.8
CVE-2017-7979 HIGH
Linux Kernel 4.11-rc1-4.11-rc7 - Denial of Service via Packet Action API Cookie Handling
CVSS 7.8
CVE-2017-7645 HIGH
Linux Kernel <= 4.10.11 - Denial of Service via Long NFSv2/NFSv3 RPC Reply
CVSS 7.5
CVE-2017-7892 HIGH
capnproto < 0.5.3 - Denial of Service via Crafted Far Pointer
CVSS 7.5
CVE-2017-1161 HIGH
IBM API Connect 5.0.6.0 - Command Injection
CVSS 7.3
CVE-2017-5659 HIGH
Apache Traffic Server < 6.2.1 - Denial of Service via Content Length and Chunked Encoding Mismatch
CVSS 7.5
CVE-2017-6554 HIGH
Quest Privilege Manager < 6.0.0.061 - Arbitrary File Write and Remote Code Execution via ACT_NEWFILESENT Action
CVSS 7.2
CVE-2017-7456 HIGH
Moxa MXView 2.8 - Denial of Service via Long Login Credential Payload
CVSS 7.5
CVE-2017-7408 HIGH
Palo Alto Networks Traps ESM Console <3.4.4 - DoS
CVSS 7.5
CVE-2017-7218 HIGH
Palo Alto Networks PAN-OS <7.1.9 - Privilege Escalation
CVSS 7.8
CVE-2017-7217 MEDIUM
PAN-OS < 7.0.13 - Unauthenticated Arbitrary File Write via Export Function
CVSS 4.3
CVE-2017-7747 HIGH
Wireshark 2.2.0-2.2.5 & 2.0.0-2.0.11 - Crash
CVSS 7.5
CVE-2017-7280 CRITICAL
Unitrends Enterprise Backup <9.0.0 - RCE
CVSS 9.8
CVE-2017-6059 HIGH
mod_auth_openidc < 2.1.4 - Open Redirect via Malicious URL
CVSS 7.5
CVE-2017-2989 CRITICAL
Adobe Campaign Build 8770 and earlier - Unauthenticated Data Manipulation via Input Validation Bypass
CVSS 9.1
CVE-2017-0197 HIGH
Microsoft OneNote 2007 SP3 and 2010 SP2 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-0186 MEDIUM
Microsoft Hyper-V Network Switch - Denial of Service via Improper Input Validation
CVSS 5.8
CVE-2017-0185 MEDIUM
Microsoft Windows 10 - Improper Input Validation
CVSS 5.8
CVE-2017-0184 MEDIUM
Microsoft Hyper-V - Denial of Service via Privileged Guest Input
CVSS 5.4
CVE-2017-0183 MEDIUM
Microsoft Hyper-V Network Switch - Denial of Service via Privileged Guest Input
CVSS 5.8
Details
Vulnerabilities 12,622
Exploit Likelihood High